59 matches found
EUVD-2025-209195
A type confusion issue was addressed with improved memory handling. This issue is fixed in macOS Sequoia 15.6, macOS Sonoma 14.7.7, macOS Ventura 13.7.7. An attacker may be able to cause unexpected app termination...
CVE-2026-25357 WordPress Ultimate Membership Pro plugin <= 13.7 - Account Takeover vulnerability
Authentication Bypass Using an Alternate Path or Channel vulnerability in azzaroco Ultimate Membership Pro indeed-membership-pro allows Authentication Abuse. This issue affects Ultimate Membership Pro: from n/a through <= 13.7...
CVE-2026-25357
CVE-2026-25357 describes an authentication bypass in azzaroco Ultimate Membership Pro (indeed-membership-pro) for WordPress, allowing authentication abuse via an alternate path or channel. The issue affects versions n/a through 13.7; CVSSv3.1 base score 8.1 (HIGH) with NETWORK attack vector, LOW ...
PT-2026-27918
Name of the Vulnerable Software and Affected Versions: azzaroco Ultimate Membership Pro versions n/a through 13.7. Description: An authentication bypass issue exists in azzaroco Ultimate Membership Pro indeed-membership-pro, allowing for authentication abuse. The issue involves using an alternate pa...
CVE-2021-22166
An attacker could cause a Prometheus denial of service in GitLab 13.7+ by sending an HTTP request with a malformed method...
CVE-2025-34467 ZwiiCMS < 13.7.00 Lock Persistence Authenticated DoS Against Administrative Pages
ZwiiCMS versions prior to 13.7.00 contain a denial-of-service vulnerability in multiple administrative endpoints due to improper authorization checks combined with flawed resource state management. When an authenticated low-privilege user requests an administrative page, the application returns...
CVE-2025-67558 WordPress Rencontre plugin <= 3.13.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Jacques Malgrange Rencontre rencontre allows Stored XSS. This issue affects Rencontre: from n/a through <= 3.13.7...
Brother iPrint&Scan security vulnerability
Brother iPrint&Scan is a free application from Brother that allows you to print and scan from your Android device. A security vulnerability exists in Brother iPrint&Scan version 6.13.7 and earlier, which stems from improper use of the external cache directory and could result in files being...
CVE-2025-59693
The Chassis Management Board in Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allows a physically proximate attacker to obtain debug access and escalate privileges by bypassing the tamper label and opening the chassis without leaving evidence, and accessing th...
EUVD-2025-200257
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by editing the Legacy GRUB bootloader configuration to start a root shell upon boot of the host OS. This is called F06...
EUVD-2025-200255
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker to escalate privileges by booting from a USB device with a valid root filesystem. This occurs because of insecure default settings in the Legacy GRUB Bootloader...
EUVD-2025-200256
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...
CVE-2025-59695
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a user with OS root access to alter firmware on the Chassis Management Board without Authentication. This is called F04...
CVE-2025-59700
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, allow a physically proximate attacker with root access to modify the Recovery Partition because of a lack of integrity protection...
PT-2025-48692
Name of the Vulnerable Software and Affected Versions: Entrust nShield Connect XC versions through 13.6.11; Entrust nShield 5c versions through 13.6.11; Entrust nShield HSMi versions through 13.6.11; Entrust nShield Connect XC version 13.7; Entrust nShield 5c version 13.7; Entrust nShield HSMi version...
CVE-2025-59698
Entrust nShield Connect XC, nShield 5c, and nShield HSMi through 13.6.11, or 13.7, might allow a physically proximate attacker to gain access to the EOL legacy bootloader...
CVE-2025-59701
Summary: CVE-2025-59701 affects Entrust nShield Connect XC, nShield 5c, and nShield HSMi up to version 13.6.11 or 13.7. The vulnerability arises because the Appliance SSDs are unencrypted, allowing a physically proximate attacker with elevated privileges to read and modify SSD contents. The avail...
CVE-2025-11980 Quick Featured Images <= 13.7.3 - Authenticated (Editor+) SQL Injection via delete_orphaned
The Quick Featured Images plugin for WordPress is vulnerable to SQL Injection via the 'delete_orphaned' function in all versions up to, and including, 13.7.3 due to insufficient escaping on the user-supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
WordPress plugin Quick Featured Images SQL injection vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin.... A SQL injection...
CVE-2025-59579
Insertion of Sensitive Information Into Sent Data vulnerability in PressTigers Simple Job Board simple-job-board allows Retrieve Embedded Sensitive Data. This issue affects Simple Job Board: from n/a through <= 2.13.7...