29 matches found
CVE-2025-54001
Deserialization of Untrusted Data vulnerability in ThemeREX Classter classter allows Object Injection. This issue affects Classter: from n/a through <= 2.5...
PT-2026-23196
Name of the Vulnerable Software and Affected Versions: ThemeREX Solaris versions n/a through 2.5. Description: The software contains a flaw due to deserialization of untrusted data, which allows for object injection. Recommendations: At the moment, there is no information about a newer version that...
WordPress plugin Savory security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security...
Ubuntu: Security Advisory (USN-7840-1)
The remote host is missing an update for the...
EUVD-2023-50394
Malicious code in bioql PyPI...
WordPress plugin WP Directorybox Manager security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...
WordPress Scroll Top Advanced plugin <= 2.5 - Stored Cross Site Scripting (XSS) vulnerability
Stored Cross Site Scripting (XSS) vulnerability discovered by SOPROBRO in WordPress Plugin Scroll Top Advanced versions <= 2.5...
WordPress plugin Category SEO Meta Tags Cross-site Scripting Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...
CVE-2023-40829
There is an interface unauthorized access vulnerability in the background of Tencent Enterprise Wechat Privatization 2.5.x and 2.6.930000...
CVE-2023-25982
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Eirudo Simple YouTube Responsive plugin <= 2.5 versions...
SUSE CVE-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls `BasicSocket#read_nonblock(requested_size, buffer, exception: false)`, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...
GHSA-44HV-JJX7-QFJG Path Traversal in Apache Struts
In Apache Struts 2.3.x before 2.3.31, and 2.5.x before 2.5.5, it is possible to prepare a special URL which will be used for path traversal and execution of arbitrary code on server side. This vulnerability is only exploitable when using the Struts 2 Convention plugin in conjunction with Apache...
Joomla! input validation error vulnerability
Joomla! is a set of forum components used in the Joomla! content management system. Versions 2.5.0 to 3.10.6 and 4.0.0 to 4.1.0 contain an input validation error vulnerability that can be exploited by attackers to invalidate the check of whether the redirected URL is internal, possibly leading to...
Mirmay Secure Private Browser and File Manager race condition vulnerability
Mirmay Secure Private Browser and File Manager is an easy-to-use application from Mirmay that allows you to securely and privately access your favorite websites. A security vulnerability exists in Mirmay Secure Private Browser and File Manager version 2.5 and prior versions in the Auto Lock modul...
CVE-2021-40146
A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class...
Remote code execution
A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class...
CVE-2021-40146 A Remote Code Execution (RCE) vulnerability exists in Apache Any23 YAMLExtractor.java
A Remote Code Execution (RCE) vulnerability was discovered in the Any23 YAMLExtractor.java file and is known to affect Any23 versions 2.5. RCE vulnerabilities allow a malicious actor to execute any code of their choice on a remote machine over LAN, WAN, or internet. RCE belongs to the broader class...
PT-2021-18282 · Google · Tensorflow
Name of the Vulnerable Software and Affected Versions: TensorFlow versions prior to 2.5.0; TensorFlow versions 2.4.2 and earlier; TensorFlow versions 2.3.3 and earlier; TensorFlow versions 2.2.3 and earlier; TensorFlow versions 2.1.4 and earlier. Description: An attacker can trigger a CHECK fail in PN...
OpenLDAP Security Vulnerabilities
OpenLDAP is an open source implementation of the Lightweight Directory Access Protocol (LDAP) from the OpenLDAP Foundation in the United States. A security vulnerability exists in OpenLDAP through 2.4.57 and 2.5.x through 2.5.1alpha, which results in a denial of service (daemon exit) via a...
DEBIAN-CVE-2020-10933
An issue was discovered in Ruby 2.5.x through 2.5.7, 2.6.x through 2.6.5, and 2.7.0. If a victim calls `BasicSocket#read_nonblock(requested_size, buffer, exception: false)`, the method resizes the buffer to fit the requested size, but no data is copied. Thus, the buffer string provides the previous valu...