273 matches found
CVE-2025-26691
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information leak through get permission...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS version 5.0.0 suffers from a security vulnerability, no details of the vulnerability are provided at this time...
WordPress plugin Car Repair Services 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists in...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A security vulnerability exists in Huawei HarmonyOS version 5.0.0, which can be exploited by attackers to affect availability...
Huawei HarmonyOS 安全漏洞
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. Huawei HarmonyOS version 5.0.0 suffers from a security vulnerability, no details of the vulnerability are provided at this time...
DEBIAN-CVE-2025-46804
A minor information leak when running Screen with setuid-root privileges allows unprivileged users to deduce information about a path that would otherwise not be available. Affected are older Screen versions, as well as version 5.0.0...
CVE-2017-1000240
The application OpenEMR is affected by multiple reflected & stored Cross-Site Scripting XSS vulnerabilities affecting version 5.0.0 and prior versions. These vulnerabilities could allow remote authenticated attackers to inject arbitrary web script or HTML...
TYPO3 安全漏洞
TYPO3 is a free and open source content management system framework CMS/CMF from the Swiss TYPO3 Association. A security vulnerability exists in TYPO3 version 5.0.0 and earlier, which stems from the presence of an unsafe direct object reference...
SAMSUNG Galaxy Watch3 Plugin 信任管理问题漏洞
The SAMSUNG Galaxy Watch3 Plugin is a component of a Galaxy Wearable application from Samsung South Korea. A security vulnerability exists in SAMSUNG Galaxy Watch3 Plugin version 5.0.9 that stems from not properly validating TLS certificates, which could lead to a man-in-the-middle attack...
CVE-2025-47649
Path Traversal: '.../...//' vulnerability in StackWC Open Close WooCommerce Store woc-open-close allows PHP Local File Inclusion.This issue affects Open Close WooCommerce Store: from n/a through = 4.9.9...
Drupal Enterprise MFA - TFA for Drupal module < 4.7.0,5.0.0-5.1.0 - Unauthenticated Broken Access Control vulnerability
Drupal Enterprise MFA - TFA for Drupal module 4.7.0,5.0.0-5.1.0 - Unauthenticated Broken Access Control vulnerability discovered by Conrad Lara cmlara in WordPress Module Enterprise MFA - TFA for Drupal versions 4.7.0,5.0.0-5.1.0...
Demtec Graphytics 代码注入漏洞
Demtec Graphytics is an application from Demtec Corporation. A code injection vulnerability exists in Demtec Graphytics version 5.0.7 that stems from improper handling of the description parameter in the /visualization file, which could lead to a cross-site scripting attack...
WordPress plugin WP BASE Booking of Appointments, Services and Events 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A security vulnerability exists in the WordPress plugi...
MITRE Caldera 安全漏洞
MITRE Caldera is a MITRE open source automated adversarial simulation platform. A security vulnerability exists in MITRE Caldera versions 4.2.0 and earlier and 5.0.0 and earlier, which stems from remote code execution in the Dynamic Proxy Compilation feature and allows an attacker to execute...
WordPress LTL Freight Quotes – Worldwide Express Edition plugin <= 5.0.20 - Arbitrary Content Deletion vulnerability
Arbitrary Content Deletion vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin LTL Freight Quotes – Worldwide Express Edition versions = 5.0.20...
PT-2025-4622 · Hakan Ozevin · Wp Base Booking
Name of the Vulnerable Software and Affected Versions: Hakan Ozevin WP BASE Booking versions prior to 5.0.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for stored Cross-site Scripting XSS. This means that an attacker can inject...
Malicious code in grabathon-5.0 (npm)
The package communicates with a domain associated with malicious activity. --- -= Per source details. Do not edit below this line.=-...
IBM DevOps Velocity和IBM UrbanCode Velocity 加密问题漏洞
IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...
IBM DevOps Velocity和IBM UrbanCode Velocity 安全漏洞
IBM DevOps Velocity and IBM UrbanCode Velocity are both products of International Business Machines IBM.IBM DevOps Velocity is an enterprise-class release management application that supports cloud-native and local deployments.IBM UrbanCode Velocity is an enterprise-class release management and...
WordPress WOOEXIM Plugin <= 5.0.0 - SQL Injection vulnerability
SQL Injection vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin WOOEXIM versions = 5.0.0...