7 matches found
CVE-2026-24656
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
CVE-2026-24656 Apache Karaf: Decanter log-socket collector has deserialization vulnerability
Deserialization of Untrusted Data vulnerability in Apache Karaf Decanter. The Decanter log socket collector exposes the port 4560, without authentication. If the collector exposes allowed classes property, this configuration can be bypassed. It means that the log socket collector is vulnerable to...
WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Skalucy in WordPress Plugin bidorbuy Store Integrator versions = 2.12.0...
CVE-2025-48100 WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in extremeidea bidorbuy Store Integrator allows Remote Code Inclusion. This issue affects bidorbuy Store Integrator: from n/a through 2.12.0...
CVE-2025-48100 WordPress bidorbuy Store Integrator plugin <= 2.12.0 - Remote Code Execution (RCE) vulnerability
Improper Control of Generation of Code 'Code Injection' vulnerability in extremeidea bidorbuy Store Integrator bidorbuystoreintegrator allows Remote Code Inclusion.This issue affects bidorbuy Store Integrator: from n/a through = 2.12.0...
PT-2025-1450 · Storeapps · Putler Connector For Woocommerce
Name of the Vulnerable Software and Affected Versions: Putler Connector for WooCommerce versions n/a through 2.12.0 Description: A Missing Authorization issue is present in the Putler / Storeapps Putler Connector for WooCommerce. This issue allows for unauthorized access. Recommendations: For...
Incorrect Calculation of Buffer Size
Overview Affected versions of this package are vulnerable to Incorrect Calculation of Buffer Size via tf.keras.losses.poisson which receives a ypred and ytrue that are passed through functor::mul in BinaryOp. If the resulting dimensions overflow an int32, TensorFlow will crash due to a size...