20 matches found
CVE-2025-69297 WordPress Aardvark Plugin plugin <= 2.19 - Broken Access Control vulnerability
Missing Authorization vulnerability in GhostPool Aardvark Plugin aardvark-plugin allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Aardvark Plugin: from n/a through <= 2.19...
PT-2026-21125
Name of the Vulnerable Software and Affected Versions: GhostPool Aardvark Plugin aardvark-plugin versions through 2.19 Description: An authorization issue exists in the GhostPool Aardvark Plugin. The issue involves incorrectly configured access control security levels, potentially allowing...
Typemill security vulnerabilities
Typemill is a lightweight flat-file CMS developed by Typemill OpenSource, designed for micro-publishers. Versions of Typemill 2.19.1 and earlier contained security vulnerabilities. These vulnerabilities were caused by missing context encoding in the username field of the login view template, whic...
WordPress plugin ARK Related Posts Cross-Site Request Forgery Vulnerability
...
EUVD-2000-0887
Malware in sbrugna...
CVE-2025-28041
Incorrect access control in the doFilter function of itranswarp up to 2.19 allows attackers to access sensitive components without authentication...
CVE-2025-28041
The CVE-2025-28041 entry concerns iTranswarp (CMS) versions up to 2.19 with a root cause of incorrect access control in the doFilter function. This allows unauthenticated actors to access sensitive components. Public reports from multiple sources (including Red Hat and CNNVD) confirm the same des...
Linux Distros Unpatched Vulnerability : CVE-2024-45160
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Incorrect credential validation in LemonLDAP::NG 2.18.x and 2.19.x before 2.19.2 allows attackers to bypass OAuth2 client authentication via an empty...
CVE-2024-54160
dashboards-reporting aka Dashboards Reports before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer...
CVE-2024-54160
dashboards-reporting aka Dashboards Reports before 2.19.0.0, as shipped in OpenSearch before 2.19, allows XSS because Markdown is not sanitized when previewing a header or footer...
Cross site scripting
A vulnerability was found in meta4creations Post Duplicator Plugin 2.18 on WordPress. It has been classified as problematic. Affected is the function mtphrpostduplicatornotice of the file includes/notices.php. The manipulation of the argument post-duplicated leads to cross site scripting. It is...
PT-2022-19376 · Jenkins · Jenkins Cas Plugin +1
Name of the Vulnerable Software and Affected Versions: Jenkins CVS Plugin versions 2.19 and earlier Description: The issue results in a stored cross-site scripting (XSS) vulnerability. This occurs because the name and description of CVS Symbolic Name parameters on views displaying parameters are no...
CloudBees Jenkins Active Directory Plugin Authorization Issue Vulnerability (CNVD-2020-62249)
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Active Directory Plugin is used in one of th...
CloudBees Jenkins Active Directory Plugin Authorization Issue Vulnerability (CNVD-2020-61923)
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Active Directory Plugin is used in which an...
CloudBees Jenkins Active Directory Plugin Cross-Site Request Forgery Vulnerability
CloudBees Jenkins (Hudson Labs) is a set of Java-based continuous integration tools from the US company CloudBees. The product is mainly used to monitor continuous software release/testing projects and some scheduled tasks. Active Directory Plugin is used in one of th...
PT-2018-13814
Name of the Vulnerable Software and Affected Versions: stb_image.h version 2.19 Description: The issue is a heap-based buffer overflow in the stbi__out_gif_code function. This problem affects products that use stb_image.h, including catimg and Emscripten. Recommendations: For stb_image.h version 2.19...
IPFire < 2.19 Update Core 110 - Remote Code Execution (Metasploit)
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', module '0x09AL'...
IPFire proxy.cgi Remote Command Execution
This module requires Metasploit: http://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class MetasploitModule 'IPFire proxy.cgi RCE', 'Description' = %q IPFire, a free linux based open source firewall distribution, version 'h00die ', modu...
update to SeaMonkey 2.19 (important)
SeaMonkey was updated to version 2.19. MFSA 2013-49/CVE-2013-1682/CVE-2013-1683: Miscellaneous memory safety hazards. MFSA 2013-50/CVE-2013-1684/CVE-2013-1685/CVE-2013-1686: Memory corruption found using Address Sanitizer. MFSA 2013-51/CVE-2013-1687 bmo863933, bmo866823: Privileged content access and...
thttpd-219.txt
thttpd 2.19 and earlier server-side-includes CGI program ssi allows retrieval of arbitrary world-readable files Date: October 2, 2000 Application: thttpd 2.19 and before Author: ghandi Vendor Status: merged patches into thttpd 2.20 Fix: upgrade into thttpd 2.20 1. Description The included cgi-bin...