CVE-2025-31016 WordPress JetWooBuilder plugin <= 2.1.18 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Crocoblock JetWooBuilder jet-woo-builder allows PHP Local File Inclusion. This issue affects JetWooBuilder: from n/a through <= 2.1.18...
CVE-2025-30871
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WP Travel Engine WP Travel Engine allows PHP Local File Inclusion. This issue affects WP Travel Engine: from n/a through 6.3.5...
K000150336: Wireshark/tshark vulnerabilities CVE-2019-9214, CVE-2019-9208, CVE-2019-13619, CVE-2019-10903, and CVE-2019-10901
Security Advisory Description: CVE-2019-9214: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to 2.6.6, the RPCAP dissector could crash. This was addressed in epan/dissectors/packet-rpcap.c by avoiding an attempted dereference of a NULL conversation. CVE-2019-9208: In Wireshark 2.4.0 to 2.4.12 and 2.6.0 to...
CVE-2025-27433
The Manage Bank Statements in SAP S/4HANA allows an authenticated attacker to bypass certain functionality restrictions of the application and upload files to a reversed bank statement. This vulnerability has a low impact on the application's integrity, with no effect on confidentiality and...
CVE-2025-27436
CVE-2025-27436 affects SAP S/4HANA: Manage Bank Statements allows an authenticated user to delete the attachment of a posted bank statement due to missing access-control checks. Impact is low on integrity with no confidentiality or availability impact. Root cause described as insufficient authori...
SAP S/4HANA security vulnerability
SAP S/4HANA is an enterprise resource management software based on the SAP HANA in-memory database system from SAP, Germany. A security vulnerability exists in SAP S/4HANA that stems from bypassing a functionality restriction that could result in uploading files to a reverse bank statement...
Out-of-bounds Write
Vyper is vulnerable to Out-of-bounds Write. The vulnerability is due to improper bounds validation due to the caching of the target location in an AugAssign statement, which prevents re-evaluating the bounds check when modifying a DynArray...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from the misuse of the goto tag in PCI: endpoint, which could lead to a memory leak...
PT-2025-7609 · Full · Full
Name of the Vulnerable Software and Affected Versions: FULL Customer versions 3.1.26 and earlier. Description: The issue is related to an Improper Control of Filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion' or PHP Local File Inclusion vulnerability...
CVE-2025-1149 GNU Binutils ld xmalloc.c xstrdup memory leak
A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rathe...
CVE-2025-22552
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Affiliate Disclosure Statement affiliate-disclosure-statement allows Cross Site Request Forgery. This issue affects Affiliate Disclosure Statement: from n/a through = 0.3...
BIT-SUPERSET-2023-40610 Apache Superset: Privilege escalation with default examples database
Improper authorization check and possible privilege escalation on Apache Superset up to but excluding 2.1.2. Using the default examples database connection that allows access to both the examples schema and Apache Superset's metadata database, an attacker using a specially crafted CTE SQL stateme...
CVE-2024-32480
LibreNMS is an open-source, PHP/MySQL/SNMP-based network monitoring system. Versions prior to 24.4.0 are vulnerable to SQL injection. The order parameter is obtained from $request. After performing a string check, the value is directly incorporated into an SQL statement and concatenated, resultin...
CVE-2024-45307
SudoBot, a Discord moderation bot, is vulnerable to privilege escalation and exploit of the -config command in versions prior to 9.26.7. Anyone is theoretically able to update any configuration of the bot and potentially gain control over the bot's settings. Every version of v9 before v9.26.7 is...
CVE-2025-24782
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in wpWax Post Grid, Slider & Carousel Ultimate allows PHP Local File Inclusion. This issue affects Post Grid, Slider & Carousel Ultimate: from n/a through 1.6.10...
PT-2025-5225 · Unknown · Webarea Background Animation Blocks
Name of the Vulnerable Software and Affected Versions: WebArea Background animation blocks versions 2.1.5 and earlier. Description: The issue is related to improper control of filename for Include/Require Statement in PHP Program, also known as 'PHP Remote File Inclusion', which allows PHP Local...
Selesta Visual Access Manager SQL Injection Vulnerability (CNVD-2025-22654)
Selesta Visual Access Manager is a visual access manager from Selesta. A SQL injection vulnerability exists in Selesta Visual Access Manager. The vulnerability stems from the application's lack of validation of externally entered SQL statements and is exploited by an attacker to perform SQL...
MonetDB security vulnerability
MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.49.1, which stems from an issue contained in the dameraulevenshtein component. An attacker exploiting this vulnerability could cause a...
Virtuoso Open-Source Edition security vulnerability
Virtuoso Open-Source Edition is a high-performance and scalable multi-model RDBMS, data integration middleware, linked data deployment, and HTTP application server platform open-sourced by OpenLink Software. A security vulnerability exists in Virtuoso Open-Source Edition version v7.2.11, which...
MonetDB security vulnerability
MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.47.11, which stems from an issue contained in the BATcalcbetweenintern component. An attacker exploiting this vulnerability could cause ...