20 matches found
CVE-2026-25032
CVE-2026-25032 affects WordPress Ricky theme versions prior to 2.31. The issue is a Deserialization of Untrusted Data vulnerability that allows PHP Object Injection via the Ricky theme’s deserialization path. Current sources describe the affected component as the Ricky WordPress theme and indicat...
WordPress plugin Ricky Code Issue Vulnerability
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
Arbitrary File Upload
Overview: Affected versions of this package are vulnerable to Arbitrary File Upload via the media upload functionality. An attacker can execute arbitrary code on the server by uploading a specially crafted PHP file after authenticating. Remediation: Upgrade dotclear/dotclear to version 2.31 or...
CVE-2021-38713
imgURL 2.31 allows XSS via an X-Forwarded-For HTTP header...
Debian: Security Advisory (DLA-4143-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
WordPress plugin Pure Chat – Live Chat & More! Cross-Site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...
WordPress plugin Post Duplicator Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
CVE-2024-46453
A cross-site scripting (XSS) vulnerability in the component /test/ of iq3xcite v2.31 to v3.05 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
D-link DSL-2888A Security Vulnerability
The D-link DSL-2888A is a Unified Services Router from China AUO D-link. An information disclosure vulnerability exists in D-Link DSL-2888A devices with firmware prior to AU2.31V1.1.47ae55, which originates from the disclosure of sensitive information in the response body, such as hashed admin...
CVE-2019-19126
On the x86-64 architecture, the GNU C Library (aka glibc) before 2.31 fails to ignore the LD_PREFER_MAP_32BIT_EXEC environment variable during program execution after a security transition, allowing local attackers to restrict the possible mapping addresses for loaded libraries and thus bypass ASLR for...
DEBIAN-CVE-2018-20002
The _bfd_generic_read_minisymbols function in syms.c in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.31, has a memory leak via a crafted ELF file, leading to a denial of service (memory consumption), as demonstrated by nm...
Security update for binutils (moderate)
This update for binutils to version 2.31 fixes the following issues: These security issues were fixed: - CVE-2017-15996: readelf allowed remote attackers to cause a denial of service (excessive memory allocation) or possibly have unspecified other impact via a crafted ELF file that triggered a buff...
openSUSE: Security Advisory for binutils (openSUSE-SU-2018:3223-1)
The remote host is missing an update for the Copyright (C) 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
GNU libiberty Denial of Service Vulnerability
GNU Binutils a.k.a. GNU Binary Utilities or binutils is a set of programming language utilities developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for working with target files and archives. libiberty is one of the librarie...
GNU Binutils GNU libiberty 'work_stuff_copy_to_from' function denial of service vulnerability
GNU Binutils (also known as GNU Binary Utilities or binutils) is a group of programming language utility programs developed by the GNU Project to work with target files in a variety of formats, with connectors, assemblers, and other tools for target files and archives. GNU libiberty is one of the GN...
GNU Binutils 'reloc.c' Denial of Service Vulnerability
GNU Binutils (a.k.a. GNU Binary Utilities or binutils) is a set of programming language utilities developed by the GNU Project to work with object files in a variety of formats, with connectors, assemblers, and other tools for object files and archives. The Binary File Descriptor (BFD) library a.k.a...
openSUSE Security Update : seamonkey (openSUSE-SU-2014:1656-1)
seamonkey was updated to version 2.31 to fix eight security issues. These security issues were fixed: - Miscellaneous memory safety hazards (CVE-2014-1587, CVE-2014-1588). - XBL bindings accessible via improper CSS declarations (CVE-2014-1589). - XMLHttpRequest crashes with some input streams...
openSUSE Security Update : seamonkey (openSUSE-SU-2014:1655-1)
seamonkey was updated to version 2.31 to fix 20 security issues. These security issues were fixed: - Miscellaneous memory safety hazards (CVE-2014-1587, CVE-2014-1588). - XBL bindings accessible via improper CSS declarations (CVE-2014-1589). - XMLHttpRequest crashes with some input streams...
PMOS Help Desk 2.3 ticketview.php Multiple Parameter XSS
No description provided by source. source: http://www.securityfocus.com/bid/21250/info InverseFlow Help Desk is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context...
PMOS Help Desk 2.3 - 'ticket.php?email' Cross-Site Scripting
source: https://www.securityfocus.com/bid/21250/info InverseFlow Help Desk is prone to multiple cross-site scripting vulnerabilities. An attacker may leverage these issues to have arbitrary script code execute in the browser of an unsuspecting user in the context of the affected site. This may he...