30 matches found
EUVD-2018-10854
Malware in sbrugna...
EUVD-2023-39845
Malicious code in bioql PyPI...
CVE-2025-57977
Cross-Site Request Forgery (CSRF) vulnerability in wpdesk Flexible PDF Invoices for WooCommerce & WordPress flexible-invoices allows Cross Site Request Forgery. This issue affects Flexible PDF Invoices for WooCommerce & WordPress: from n/a through <= 6.0.13...
WordPress Flexible PDF Invoices for WooCommerce & WordPress Plugin <= 6.0.13 - Cross Site Request Forgery (CSRF) Vulnerability
Cross Site Request Forgery (CSRF) Vulnerability discovered by theviper17 in WordPress Plugin Flexible PDF Invoices for WooCommerce & WordPress versions <= 6.0.13...
CVE-2025-57977
CVE-2025-57977 is a CSRF vulnerability in the WordPress plugin Flexible PDF Invoices for WooCommerce & WordPress (≤ 6.0.13). Affected component is the plugin’s CSRF handling in the invoice generation/related actions. CVSS metrics from Patchstack/NVD indicate: AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:H w...
varnish security update
varnish 6.0.13-1 - new version 6.0.13 - Resolves: RHEL-30378 - varnish:6/varnish: HTTP/2 Broken Window Attack may result in denial of service CVE-2024-30156 varnish-modules...
VMware Spring Framework 6.0.0 - 6.0.13 DoS Vulnerability
The VMware Spring Framework is prone to a denial of service (DoS) vulnerability.
CVE-2022-44720
An issue was discovered in Weblib Ucopia before 6.0.13. OS Command Injection can occur, related to chroot...
Ucopia Security Vulnerability
Ucopia Express is a device used for Wifi management by the French company Ucopia. A security vulnerability exists in Ucopia versions prior to 6.0.13, which stems from an SSH server with insecure privileges...
CVE-2023-35852
In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...
UBUNTU-CVE-2023-35852
In Suricata before 6.0.13 when there is an adversary who controls an external source of rules, a dataset filename, that comes from a rule, may trigger absolute or relative directory traversal, and lead to write access to a local filesystem. This is addressed in 6.0.13 by requiring...
SUSE CVE-2021-29477
Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis version 6.0 or newer could be exploited using the STRALGO LCS command to corrupt the heap and potentially result in remote code execution. The...
Arbitrary Code Execution
Overview: Affected versions of this package are vulnerable to Arbitrary Code Execution in the way it reads debugging symbols, where reading a malicious symbols file may result in the exploitation of this vulnerability. Remediation: Upgrade Microsoft.NETCore.App.Runtime.win-x86 to version 6.0.13,...
GSD-2023-1000048 media: v4l2-dv-timings.c: fix too strict blanking sanity checks
media: v4l2-dv-timings.c: fix too strict blanking sanity checks This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit...
GSD-2023-1000047 mm/gup: fix gup_pud_range() for dax
mm/gup: fix gup_pud_range() for dax. This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.13 by commit e06d13c36ded750c72521b600293befebb4e56c5, it w...
PT-2023-33135 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the use of kzalloc in fbcon_prepare_logo. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2023-33090 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: A memory leak issue exists in the tbnet_open function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to v6.0.13, update...
PT-2023-33112 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the use of this_cpu_add in preemptible contexts within the netfilter conntrack component. The actual impact and potential for attacks have not been fully proven...
PT-2023-33133 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to the invocation of MMU notifiers in shmem/file collapse paths in the Linux Kernel. The actual impact and attack plausibility have not yet been proven. Recommendations:...
PT-2023-33101 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.0.13 Description: The issue is related to a potential use-after-free in the ravb_rx_gbeth function. The actual impact and attack plausibility have not yet been proven. It was introduced in version v5.16 and...