5 matches found
CVE-2025-14450
The Wallet System for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'changewalletfundrequeststatuscallback' function in all versions up to, and including, 2.7.2. This makes it possible for authenticated attackers, with...
CVE-2025-59375
libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing...
PT-2024-39838 · Contemporary Control System · Basrouter Bacnet Basrt-B
Name of the Vulnerable Software and Affected Versions: Contemporary Control System BASrouter BACnet BASRT-B version 2.7.2 Description: A problematic issue was found in the UDP Packet Handler component, leading to denial of service. The manipulation can be initiated remotely. The vendor was...
PT-2019-11539 · Kubernetes · Helm
Name of the Vulnerable Software and Affected Versions: helm versions prior to 2.7.2 Description: The issue concerns improper certificate validation, allowing unauthorized clients to connect to the server because self-signed client certificates were allowed. A malicious client could exploit this b...
DEBIAN-CVE-2018-9988
ARM mbed TLS before 2.1.11, before 2.7.2, and before 2.8.0 has a buffer over-read in sslparseserverkeyexchange that could cause a crash on invalid input...