WordPress Buzz Comments plugin <= 0.9.4 - Authenticated (Administrator+) Stored Cross-Site Scripting vulnerability

Authenticated Administrator+ Stored Cross-Site Scripting vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Buzz Comments versions = 0.9.4...

CVE-2025-66553 Nextcloud Tables app allowed users to view columns metadata information of any table

Nextcloud Tables allows you to create your own tables with individual columns. Prior to 0.8.7 and 0.9.4, authenticated users were able to view meta data of columns in other tables of the Tables app by modifying the numeric ID in a request. This vulnerability is fixed in 0.8.7 and 0.9.4...

CVE-2022-0664

Use of Hard-coded Cryptographic Key in Go github.com/gravitl/netmaker prior to 0.8.5,0.9.4,0.10.0,0.10.1...

Libbpg library integer overflow vulnerability

Libbpg library is a new image format library. An integer overflow vulnerability exists in the BPG image decoding process in Libbpg library versions 0.9.4 and 0.9.7. An attacker can exploit this vulnerability to execute code with specially crafted BPG images...

Casebook plugin cross-site request forgery vulnerability

Casebook plugin for baserCMS is a casebook plugin for baserCMS. A cross-site request forgery vulnerability exists in Casebook plugin for baserCMS versions prior to 0.9.4, which allows remote attackers to hijack administrars authentication...

PT-2005-3282 · Ethereal +1 · Ethereal +1

Name of the Vulnerable Software and Affected Versions: Ethereal versions 0.9.4 through 0.10.11 Description: The issue is related to a format string vulnerability in the proto item set text function, which is used in multiple dissectors. This vulnerability allows remote attackers to write to...