MonetDB Security Vulnerability
MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.47.11 that stems from an issue contained in the trimchars component. An attacker exploiting this vulnerability could cause a denial of...
MonetDB Security Vulnerability
MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.49.1, which stems from an issue contained in the expatom component. An attacker exploiting this vulnerability could cause a denial of...
MonetDB Security Vulnerability
MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.49.1, which stems from an issue contained in the matjoin2 component. An attacker exploiting this vulnerability could cause a denial of...
MonetDB Security Vulnerability
MonetDB is an open source column-oriented relational database management system from MonetDB Open Source. A security vulnerability exists in MonetDB version v11.49.1, which stems from an issue contained in the mergetablepruneandunionize component. An attacker exploiting this vulnerability could...
SUSE: Security Advisory (SUSE-SU-2025:0055-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
CVE-2025-22508 WordPress FAT Event Lite plugin <= 1.1 - Unauthenticated Non-Arbitrary Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion. This issue affects FAT Event Lite: from n/a through 1.1...
CVE-2025-22552
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Affiliate Disclosure Statement (affiliate-disclosure-statement) allows Cross Site Request Forgery. This issue affects Affiliate Disclosure Statement: from n/a through <= 0.3...
CVE-2025-22552 WordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in bnielsen Affiliate Disclosure Statement (affiliate-disclosure-statement) allows Cross Site Request Forgery. This issue affects Affiliate Disclosure Statement: from n/a through <= 0.3...
CVE-2025-22552 WordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in Jason Keeley, Bryan Nielsen Affiliate Disclosure Statement allows Cross Site Request Forgery. This issue affects Affiliate Disclosure Statement: from n/a through 0.3...
WordPress Affiliate Disclosure Statement plugin <= 0.3 - CSRF to Stored XSS vulnerability
CSRF to Stored XSS vulnerability discovered by SOPROBRO (Patchstack Alliance) in WordPress Plugin Affiliate Disclosure Statement (versions <= 0.3)...
WordPress plugin Affiliate Disclosure Statement Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
WordPress plugin WPMozo Addons Lite for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plug-in. A security vulnerability...
PT-2025-4543 · Unknown · Affiliate Disclosure Statement
Name of the Vulnerable Software and Affected Versions: Affiliate Disclosure Statement versions n/a through 0.3. Description: The issue is a Cross-Site Request Forgery (CSRF) vulnerability that allows Cross Site Request Forgery. This is a type of attack where an attacker tricks a user into performing...
CVE-2024-56550
In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement. arch_stack_walk_user_common() contains a return statement instead of a break statement in case store_ip() fails while trying to store a callchain entry of a user space process. This m...
CVE-2024-56550 s390/stacktrace: Use break instead of return statement
In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement. arch_stack_walk_user_common() contains a return statement instead of a break statement in case store_ip() fails while trying to store a callchain entry of a user space process. This m...
CVE-2024-56550
CVE-2024-56550 affects the Linux kernel (s390 architecture). The underlying issue was a return statement in arch_stack_walk_user_common() that could be executed when store_ip() fails, instead of a break. This could skip pagefault_enable(), causing subsequent page faults to be mishandled and p...
CVE-2024-55633
Improper Authorization vulnerability in Apache Superset. On Postgres analytic databases an attacker with SQLLab access can craft a specially designed SQL DML statement that is incorrectly identified as a read-only query, enabling its execution. Non-Postgres analytics database connections and...
CVE-2024-55633
CVE-2024-55633 is an Improper Authorization vulnerability in Apache Superset. An attacker with SQLLab access to a PostgreSQL analytic database can craft a SQL DML statement that is incorrectly identified as a read-only query, allowing its execution. The issue does not affect non-PostgreSQL analyt...
CVE-2024-53739
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Cool Plugins Cryptocurrency Widgets For Elementor allows PHP Local File Inclusion. This issue affects Cryptocurrency Widgets For Elementor: from n/a through 1.6.4...
CVE-2024-9828 Taskbuilder < 3.0.5 - Admin+ SQL Injection
The Taskbuilder WordPress plugin before 3.0.5 does not sanitize user input into the 'loadorders' parameter and uses it in a SQL statement, allowing high privilege users such as admin to perform SQL Injection attacks...