WordPress Schema & Structured Data for WP & AMP plugin <= 1.54 - Authenticated (Contributor+) Stored Cross-Site Scripting via User Custom Schema vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via User Custom Schema vulnerability discovered by type5afe in WordPress Plugin Schema & Structured Data for WP & AMP versions = 1.54...

apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special "java-class" attribute...

apache-avro: Schema parsing may trigger Remote Code Execution (RCE)

A vulnerability was found in Apache Avro. The project is affected and at risk if it accepts an org.apache.Avro/avroAvro schema for parsing provided by an end user. This flaw allows an attacker to trigger remote code execution by using the special "java-class" attribute...

GHSA-XHQQ-554J-P4X8 phpMyAdmin Directory Traversal Vulnerability

Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to 1...