EUVD-2025-200239

Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an authenticated user with administrator privileges to list directories other than those to which the have authorized access using the 'directory' parameter in '/mod/ajax.php?action=sections/list/list'.For...

openSUSE 16 Security Update : redis (openSUSE-SU-2025:20121-1)

The remote openSUSE 16 host has a package installed that is affected by multiple vulnerabilities as referenced in the openSUSE-SU-2025:20121-1 advisory. - Updated to 8.2.3 boo1252996 CVE-2025-62507 https://github.com/redis/redis/releases/tag/8.2.3 - Security fixes - CVE-2025-62507 Bug in XACKDEL...

Redis Buffer Overflow Vulnerability (GHSA-jhjx-x4cf-4vm8)

Redis is prone to a stack-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:redis:redis"; if...

UBUNTU-CVE-2025-62507

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this...

CVE-2025-62507

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this...

CVE-2025-62507 Redis: Bug in XACKDEL may lead to stack overflow and potential RCE

Redis is an open source, in-memory database that persists on disk. In versions 8.2.0 and above, a user can run the XACKDEL command with multiple ID's and trigger a stack buffer overflow, which may potentially lead to remote code execution. This issue is fixed in version 8.2.3. To workaround this...

GHSA-8XX5-H6M3-JR33 Presta Shop vulnerable to email enumeration

Impact An unauthenticated attacker with access to the back-office URL can manipulate the idemployee and resettoken parameters to enumerate valid back-office employee email addresses. Impacted parties: Store administrators and employees: their email addresses are exposed. Merchants: risk of...

BIT-LIBPHP-2023-0568 Array overrun in common path resolve code

In PHP 8.0.X before 8.0.28, 8.1.X before 8.1.16 and 8.2.X before 8.2.3, core path resolution function allocate buffer one byte too small. When resolving paths with lengths close to system MAXPATHLEN setting, this may lead to the byte after the allocated buffer being overwritten with NUL value,...

CVE-2025-6743

The Woodmart theme for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'multiplemarkers' attribute in all versions up to, and including, 8.2.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

WordPress plugin Woodmart 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

WordPress plugin WoodMart 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

WordPress Woodmart plugin <= 8.2.3 - Unauthenticated Arbitrary Shortcode Execution vulnerability

Unauthenticated Arbitrary Shortcode Execution vulnerability discovered by stealthcopter in WordPress Theme WoodMart versions = 8.2.3...

WordPress WoodMart plugin <= 8.2.3 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by stealthcopter in WordPress Theme WoodMart versions = 8.2.3...

CVE-2021-32738

js-stellar-sdk is a Javascript library for communicating with a Stellar Horizon server. The Utils.readChallengeTx function used in SEP-10 Stellar Web Authentication states in its function documentation that it reads and validates the challenge transaction including verifying that the...

CVE-2025-21570

Vulnerability in the Oracle Life Sciences Argus Safety product of Oracle Health Sciences Applications component: Login. The supported version that is affected is 8.2.3. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life Sciences...

WordPress Media Library Folders Plugin <= 8.2.3 is vulnerable to Broken Access Control

Software Media Library Folders Type Plugin Vulnerable versions = 8.2.3 Fixed in 8.2.4 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-7858 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID e34ed26523d9 Credits Lucio Sá Required...

WordPress plugin Media Library Folders 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress Quiz And Survey Master Plugin <= 8.2.2 is vulnerable to Cross Site Scripting (XSS)

Software Quiz And Survey Master Type Plugin Vulnerable versions = 8.2.2 Fixed in 8.2.3 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-27966 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID b39b4217a315 Credits Marzieh Hashemi Required...

NoMachine 安全漏洞

NoMachine is a remote desktop access tool from NoMachine Luxembourg. A security vulnerability exists in NoMachine versions prior to v8.2.3, which can be exploited by an attacker to execute arbitrary commands via a crafted .nxs file...

Grafana 8.0.0 - 8.2.3 Access Control Vulnerability (GHSA-mpwp-42x6-4wmx)

Grafana is prone to an access control vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...