16 matches found
CVE-2026-6227
The BackWPup plugin for WordPress is vulnerable to Local File Inclusion via the blockname parameter of the /wp-json/backwpup/v1/getblock REST endpoint in all versions up to, and including, 5.6.6 due to a non-recursive str_replace sanitization of path traversal sequences. This makes it possible for...
EUVD-2019-5548
Malware in sbrugna...
EUVD-2023-1739
Malicious code in bioql PyPI...
CVE-2023-34246
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previously approved. Public clients are inherently vulnerable to impersonation, their identity cannot...
WordPress plugin DeBounce Email Validator cross-site request forgery vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin ... The WordPress plugin...
WolfSSL suffers from an unspecified vulnerability (CNVD-2024-37445)
wolfSSL CyaSSL is a small, portable embedded SSL programming library from the United States company wolfSSL, intended for embedded systems developers. A security vulnerability exists in WolfSSL version 5.6.6, which can be exploited by remote attackers to disclose information and elevate privileges via a...
CVE-2023-52117
Missing Authorization vulnerability in Metagauss ProfileGrid. This issue affects ProfileGrid: from n/a through 5.6.6...
PT-2024-14414 · Metagauss · Metagauss Profilegrid
Name of the Vulnerable Software and Affected Versions: Metagauss ProfileGrid versions 5.6.6 and earlier Description: A Missing Authorization issue has been identified. This issue affects Metagauss ProfileGrid, allowing potential unauthorized access. Recommendations: For Metagauss ProfileGrid...
Authorization
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previously approved. Public clients are inherently vulnerable to impersonation, their identity cannot...
CVE-2023-34246 Doorkeeper Improper Authentication vulnerability
Doorkeeper is an OAuth 2 provider for Ruby on Rails / Grape. Prior to version 5.6.6, Doorkeeper automatically processes authorization requests without user consent for public clients that have been previously approved. Public clients are inherently vulnerable to impersonation, their identity cannot...
CVE-2022-41805
Cross-Site Request Forgery (CSRF) vulnerability in Booster for WooCommerce plugin = 5.6.6 on WordPress...
heap-buffer-overflow
Description: Whilst experimenting with radare2, built from version 5.6.6, we are able to induce a vulnerability at bindyldcache.c:125 in function va2pa, using radare2 as a harness. 118: static ut64 va2pauint64t addr, ut32 nmaps, cachemapt maps, RBuffer cachebuf, ut64 slide, ut32 offset, ut32 left...
Radare2 use-after-free vulnerability
Radare2 is a set of libraries and tools for working with binaries. A use-after-free vulnerability exists in versions of Radare2 prior to 5.6.6, which stems from a confusion in the opissetbp directive responsible for freeing memory in radare2 5.6.6. An attacker could exploit this vulnerability...
CVE-2022-1031
Use After Free in opissetbp in GitHub repository radareorg/radare2 prior to 5.6.6...
Moderate: Red Hat Security Advisory: security update - Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874)
Red Hat Ansible Tower 3.7 runner release (CVE-2019-18874). Updated python-psutil version to 5.6.6 inside ansible-runner container (CVE-2019-18874)...
PHP < 5.4.38, 5.5.x < 5.5.22, 5.6.x < 5.6.6 XSS Vulnerability (Aug 2016) - Windows
PHP is prone to a cross-site scripting (XSS) vulnerability. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:php:php"; if descriptio...