CVE-2025-66489

Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in...

CVE-2025-60359

radare2 v5.9.8 and before contains a memory leak in the function rbinobjectnew...

radare2 安全漏洞

Radare2 is a Libre reverse framework for Unix geeks open-sourced by Radare. A security vulnerability exists in radare2 version 5.9.8 and earlier, which stems from a memory leak in the bochsopen function...

CVE-2025-60361

radare2 v5.9.8 and before contains a memory leak in the function bochsopen...

CVE-2025-60358

radare2 v.5.9.8 and before contains a memory leak in the function loadrelocations...

EUVD-2024-17037

Malicious code in bioql PyPI...

CVE-2020-35037

The Events Manager WordPress plugin before 5.9.8 does not sanitise and escape some search parameter before outputing them in pages, which could lead to Cross-Site Scripting issues...

CVE-2025-26923

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Bastien Ho Event post event-post allows Stored XSS.This issue affects Event post: from n/a through = 5.9.8...

openSUSE Security Advisory (openSUSE-SU-2024:0396-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

OPENSUSE-SU-2024:0397-1 Security update for radare2

This update for radare2 fixes the following issues: Update to version 5.9.8: - CVE-2024-29645: buffer overflow vulnerability allows an attacker to execute arbitrary code via the parsedie function boo1234065. - For more details, check full release notes:...

OPENSUSE-SU-2024:0396-1 Security update for radare2

This update for radare2 fixes the following issues: Update to version 5.9.8: - CVE-2024-29645: buffer overflow vulnerability allows an attacker to execute arbitrary code via the parsedie function boo1234065. - For more details, check full release notes:...

WordPress Plugin Essential Addons for Elementor Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

PT-2024-17208 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Accordion widget due to insufficient input sanitization and output...

PT-2024-17199 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.8 Description: The issue is related to Stored Cross-Site Scripting via the plugin's Filterable Gallery Widget due to insufficient input sanitization an...

PT-2024-17568 · WordPress · Essential Addons For Elementor

Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping in the label icon paramet...

WordPress Essential Addons for Elementor Plugin <= 5.9.8 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.8 Fixed in 5.9.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1236 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID d6ca33ddcb52 Credits Webbernaut...

WordPress Essential Addons for Elementor Plugin <= 5.9.8 is vulnerable to Cross Site Scripting (XSS)

Software Essential Addons for Elementor Type Plugin Vulnerable versions = 5.9.8 Fixed in 5.9.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1276 Patch priority Low CVSS severity Low 6.5 Developer WPDeveloper PSID b864b4f9f50d Credits RandomRoot...

PT-2021-11708 · WordPress · Events Manager

Name of the Vulnerable Software and Affected Versions: Events Manager WordPress plugin versions prior to 5.9.8 Description: The issue is related to an SQL Injection. The problem arises because a parameter is not properly sanitised and escaped before being used in a SQL statement. Recommendations:...

[SECURITY] Fedora 33 Update: kernel-5.9.8-200.fc33

The kernel meta package...