8 matches found
CVE-2026-45154
Nextcloud Collectives vulnerability: from version 2.6.0 through before 4.3.0, if a collective page was deleted and the collective was shared view‑only, guests with access could directly retrieve the deleted pages from the trashbin. Root cause: improper access control. A fix is available in versio...
CVE-2026-41643
GoBGP is an open source Border Gateway Protocol BGP implementation in the Go Programming Language. Prior to version 4.3.0, a remote Denial of Service DoS vulnerability exists in GoBGP where a malformed BGP UPDATE message can trigger a runtime error: index out of range panic. This occurs during th...
WordPress plugin Jobify 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2024-24023
A SQL injection vulnerability exists in Novel-Plus v4.3.0-RC1 and prior. An attacker can pass specially crafted offset, limit, and sort parameters to perform SQL injection via /novel/bookContent/list...
CVE-2023-5201
The OpenHook plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 4.3.0 via the 'php' shortcode. This allows authenticated attackers with subscriber-level permissions or above, to execute code on the server. This requires the php shortcode setting to be...
CVE-2019-19547
Symantec Endpoint Detection and Response SEDR, prior to 4.3.0, may be susceptible to a cross site scripting XSS issue. XSS is a type of issue that can enable attackers to inject client-side scripts into web pages viewed by other users. An XSS vulnerability may be used by attackers to potentially...
libtiff: heap buffer overflow in extractImageSection
A heap buffer overflow in ExtractImageSection function in tiffcrop.c in libtiff library Version 4.3.0 allows attacker to trigger unsafe or out of bounds memory access via crafted TIFF image file which could result into application crash, potential information disclosure or any other...
WordPress PressForward plugin cross-site scripting vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform developed using the PHP language, the platform supports PHP and MySQL servers to set up a personal blog site.PressForward plugin is one of the workflow editing plugin. A cross-site scripting vulnerability exists in the...