Oracle Linux 8 : libxml2 (ELSA-2026-11349)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-11349 advisory. - Fix CVE-2025-9714 RHEL-119279 - Fix CVE-2025-32415 RHEL-100177 - Fix CVE-2025-7425 RHEL-102797 - Fix CVE-2025-6021 RHEL-96498 - Fix CVE-2025-49794 RHEL-96398...

WordPress plugin ShopBuilder – Elementor WooCommerce Builder Addons 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application add-on. There is a...

EUVD-2026-9626

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeGoods Musico musico allows Reflected XSS.This issue affects Musico: from n/a through = 3.2.4...

WordPress MailChimp Campaigns plugin <= 3.2.4 - Missing Authorization to Authenticated (Subscriber+) MailChimp App Disconnection vulnerability

Missing Authorization to Authenticated Subscriber+ MailChimp App Disconnection vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin MailChimp Campaigns versions = 3.2.4...

CVE-2023-45806

Discourse is an open source platform for community discussion. Prior to version 3.1.3 of the stable branch and version 3.2.0.beta3 of the beta and tests-passed branches, if a user has been quoted and uses a | in their full name, they might be able to trigger a bug that generates a lot of duplicat...

PT-2026-25333

Name of the Vulnerable Software and Affected Versions FreeRDP versions prior to 3.24.0 Description FreeRDP is a free implementation of the Remote Desktop Protocol. A client-side heap out-of-bounds read/write issue exists in FreeRDP's bitmap cache subsystem. This is due to an incorrect boundary...

CVE-2025-11823

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'buttonexisttext' parameter in the 'wishsuitebutton' shortcode in all versions up to, and including, 3.2.4 due to insufficient...

CVE-2025-8141

The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the deleteassociatedfiles function in all versions up to, and including, 3.2.4. This makes it possible for unauthenticated attackers to delete arbitrary fil...

CVE-2025-8289

The Redirection for Contact Form 7 plugin for WordPress is vulnerable to PHP Object Injection in all versions up to, and including, 3.2.4 via deserialization of untrusted input in the deleteassociatedfiles function. This makes it possible for unauthenticated attackers to inject a PHP Object. This...

CVE-2014-1860

Contao CMS through 3.2.4 has PHP Object Injection Vulnerabilities...

WordPress Adsmonetizer plugin <= 3.2.4 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Dimas Maulana in WordPress Plugin Adsmonetizer versions = 3.2.4...

OpenHarmony Security Vulnerabilities

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v3.2.4 and earlier versions that originated from a vulnerability that allows a local attacker to cause an...

OpenHarmony Security Vulnerabilities

OpenHarmony is a kind of Hongmeng operating system open source project of China OpenAtom Foundation OpenAtom Foundation Foundation. A security vulnerability exists in OpenHarmony version v3.2.4 and earlier versions, which originated from a vulnerability that allows a local attacker to execute...

DEBIAN-CVE-2023-32324

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service DoS attack. A buffer overflow vulnerability in the function formatlogline could allow remote attackers to cause a DoS ...

SUSE CVE-2009-3704

ZoIPer 2.22, and possibly other versions before 2.24 Library 5324, allows remote attackers to cause a denial of service crash via a SIP INVITE request with an empty Call-Info header...

CVE-2022-3244

creationtimestamp| type| source ---|---|--- 2022-10-17 16:13:10+00:00| seen| https://t.me/cibsecurity/51565 2025-05-13 16:30:47+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/16165...

PT-2022-3981

Name of the Vulnerable Software and Affected Versions Apache Hadoop versions prior to 2.10.2 Apache Hadoop versions prior to 3.2.4 Apache Hadoop versions prior to 3.3.3 Description The issue is related to the FileUtil.unTarFile, File API in Apache Hadoop, which does not escape the input file name...

CVE-2022-2324

creationtimestamp| type| source ---|---|--- 2022-07-30 00:13:57+00:00| seen| https://t.me/cibsecurity/47300...

MOXA Moxa MXView 信任管理问题漏洞

MOXA Moxa MXView is a specialized software for managing networks from MOXA Taiwan, China. The software can be used to perform operations such as configuration processing for all devices within a network. Moxa MXView suffers from a trust management issue vulnerability that originates from an...

PT-2021-11711 · Mautic · Mautic

Name of the Vulnerable Software and Affected Versions: Mautic versions prior to 2.16.5 Mautic versions prior to 3.2.4 Description: A cross-site scripting XSS issue in the forms component allows remote attackers to inject executable JavaScript via mauticreturn. This could allow an attacker...