CVE-2025-68521

Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through = 4.9.5...

CVE-2025-68521 WordPress WpStream plugin <= 4.9.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through = 4.9.5...

CVE-2025-68522

The CVE-2025-68522 entry applies to the WordPress WpStream plugin, specifically versions ≤ 4.9.5. The underlying issue is a Missing Authorization / Broken Access Control caused by incorrectly configured access control security levels, which could allow an attacker to access resources or actions t...

CVE-2025-68522 WordPress WpStream plugin <= 4.9.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in wpstream WpStream wpstream allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WpStream: from n/a through = 4.9.5...

EUVD-2018-2181

Malware in sbrugna...

EUVD-2024-30715

Malicious code in bioql PyPI...

EUVD-2023-3124

Malicious code in bioql PyPI...

EUVD-2025-13743

Malicious code in bioql PyPI...

EUVD-2024-30716

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2018-10102

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Before WordPress 4.9.5, the version string was not escaped in the getthegenerator function, and could lead to XSS in a generator tag. CVE-2018-10102 Note that...

CVE-2025-47649

Path Traversal: '.../...//' vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows PHP Local File Inclusion.This issue affects Open Close WooCommerce Store: from n/a through = 4.9.9...

CVE-2024-35718

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.5...

SUSE-SU-2025:20013-1 Security update for podman

This update for podman fixes the following issues: - CVE-2024-6104: Fixed dependency issue with go-retryablehttp: url might write sensitive information to log file bsc1227052. - Update to version 4.9.5: Bump to v4.9.5 Update release notes for v4.9.5 fix "concurrent map writes" in network ls compa...

PT-2025-3084 · Hasleo · Hasleo Backup Suite Free

Name of the Vulnerable Software and Affected Versions: Hasleo Backup Suite Free versions prior to 4.9.5 Description: The issue concerns insecure permissions through the file recovery function. This allows for potential unauthorized access or manipulation of files. Recommendations: For versions...

WordPress plugin WooCommerce PDF Vouchers 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

PT-2024-28590

Name of the Vulnerable Software and Affected Versions WooCommerce PDF Vouchers versions prior to 4.9.5 Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS attacks. Recommendations Fo...

SUSE SLES15 Security Update : podman (SUSE-SU-2024:2050-2)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2050-2 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesse...

SUSE-SU-2024:2050-2 Security update for podman

This update for podman fixes the following issues: - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesses on behalf of a victim user, causing resource exhaustion, local path traversal, and other attacks. bsc1224122 -...

CVE-2024-6465

CVE-2024-6465 : The WP Links Page plugin for WordPress allows unauthorized modification of data due to a missing capability check in wplf_ajax_update_screenshots. This affects all versions up to and including 4.9.5. Authenticated attackers with Subscriber-level access and above can regenerate the...

SUSE SLES15 Security Update : podman (SUSE-SU-2024:2090-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2024:2090-1 advisory. - Update to version 4.9.5 - CVE-2024-3727: Fixed a flaw that allowed attackers to trigger unexpected authenticated registry accesse...