Apache MINA 代码问题漏洞

Apache MINA is a web application framework developed by the Apache Foundation in the United States. This product is primarily used for developing high-performance and highly scalable web applications. There were code vulnerabilities in versions of Apache MINA from 2.1.0 to 2.1.11, as well as in...

CVE-2026-6675

The CVE entry maps to a concrete vulnerability in the WordPress Responsive Blocks plugin (versions ≤ 2.2.0). It describes an unauthenticated open email relay via the REST API 'email_to' parameter, enabling abuse of email delivery functions without login. The source does not provide exploit steps ...

CVE-2025-13044 Multiple Vulnerabilities in IBM Concert Software

IBM Concert 1.0.0 through 2.2.0 creates temporary files with predictable names, which allows local users to overwrite arbitrary files via a symlink attack...

CVE-2025-12708

IBM Concert 1.0.0 through 2.2.0 contains hard-coded credentials that could be obtained by a local user...

CVE-2025-36440

IBM Concert 1.0.0 through 2.2.0 could allow a local user to obtain sensitive information due to missing function level access control...

CVE-2025-64647

IBM Concert 1.0.0 through 2.2.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

CVE-2025-12708

CVE-2025-12708 affects IBM Concert 1.0.0 through 2.2.0 and is due to hard-coded credentials that could be obtained by a local user. The CVSSv3.1 base score is 6.2 (MEDIUM), with attack vector LOCAL and impact chain limited to Confidentiality (HIGH); no impact on Integrity or Availability is noted...

PT-2026-28119

IBM Concert 1.0.0 through 2.2.0 transmits data in clear text that could allow an attacker to obtain sensitive information using man in the middle techniques...

CVE-2026-28138

Deserialization of Untrusted Data vulnerability in Stylemix uListing ulisting allows Object Injection.This issue affects uListing: from n/a through = 2.2.0...

FastAPI Admin 访问控制错误漏洞

FastAPI Admin is an open-source management dashboard based on FastAPI and TortoiseORM. Versions of FastAPI Admin 2.2.0 and earlier contained a access control vulnerability. This vulnerability stemmed from incorrect handling of the filepath parameter in the downloadcontroller function of the...

WordPress plugin SIBS woocommerce payment gateway SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

WordPress SIBS - WooCommerce plugin <= 2.2.0 - Authenticated (Admin+) SQL Injection via 'referencedId' Parameter vulnerability

WordPress SIBS - WooCommerce plugin = 2.2.0 - Authenticated Admin+ SQL Injection via 'referencedId' Parameter vulnerability discovered by whizzu in WordPress Plugin SIBS woocommerce payment gateway versions = 2.2.0...

WordPress plugin KenthaRadio has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

UBUNTU-CVE-2025-64329

containerd is an open-source container runtime. Versions 1.7.28 and below, 2.0.0-beta.0 through 2.0.6, 2.1.0-beta.0 through 2.1.4, and 2.2.0-beta.0 through 2.2.0-rc.1 contain a bug in the CRI Attach implementation where a user can exhaust memory on the host due to goroutine leaks. This issue is...

EUVD-2025-36997

Cross-Site Scripting XSS vulnerability in Checkmk's distributed monitoring allows a compromised remote site to inject malicious HTML code into service outputs in the central site. Affecting Checkmk before 2.4.0p14, 2.3.0p39, 2.2.0 and 2.1.0 eol...

CVE-2025-62513

OpenBao is an open source identity-based secrets management system. In versions 2.2.0 to 2.4.1, OpenBao's audit log experienced a regression wherein raw HTTP bodies used by few endpoints were not correctly redacted HMAC'd. This impacts those using the ACME functionality of PKI, resulting in...

EUVD-2018-20864

Malware in sbrugna...

WordPress Flynax Bridge 2.2.0 Privilege Escalation

WordPress Flynax Bridge plugin versions 2.2.0 and below suffer from an unauthenticated privilege escalation vulnerability...

WordPress plugin Flynax Bridge 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

WordPress plugin Flynax Bridge 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...