8 matches found
EUVD-2023-38520
Malicious code in bioql PyPI...
SUSE CVE-2025-40779
If a DHCPv4 client sends a request with some specific options, and Kea fails to find an appropriate subnet for the client, the kea-dhcp4 process will abort with an assertion failure. This happens only if the client request is unicast directly to Kea; broadcast messages do not cause the problem...
WordPress plugin JetElements For Elementor 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
WordPress plugin DirectoryPress Frontend 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...
PT-2025-5502 · Unknown · Mikemmx Super Block Slider
Name of the Vulnerable Software and Affected Versions: mikemmx Super Block Slider versions through 2.7.9 Description: The issue is related to a Missing Authorization vulnerability, which allows exploiting incorrectly configured access control security levels. Recommendations: For versions through...
@chrismou/ember-cli-fullpage-js (>=1.0.0 <=1.0.4), @fullpage/angular-fullpage (>=0.0.1 <=0.1.9) +34 more potentially affected by CVE-2022-1330 via fullpage.js (>=2.7.9 <=4.0.41)
fullpage.js NPM version =2.7.9, =1.0.0, =0.0.1, =0.2.3, =0.0.1, =1.0.1, =0.0.14, =1.0.15, =0.2.1, =1.0.0, =1.0.7, =0.1.16, =0.1.18 - gatsby-theme-wild-child =1.2.10 - invertmode =1.0.0 and more Source cves: CVE-2022-1330 Source advisory: OSV:GHSA-H3CQ-J957-VHXG...
@chrismou/ember-cli-fullpage-js (>=1.0.0 <=1.0.4), @fullpage/angular-fullpage (>=0.0.1 <=0.0.16) +28 more potentially affected by CVE-2022-1295 via fullpage.js (>=2.7.9 <=3.1.2)
fullpage.js NPM version =2.7.9, =1.0.0, =0.0.1, =0.0.1, =1.0.1, =0.0.14, =1.0.15, =0.2.1, =1.0.0, =1.0.7, =0.1.16, =1.0.0, =1.0.0, =1.0.2 and more Source cves: CVE-2022-1295 Source advisory: OSV:GHSA-VPGW-FFH3-648H...
Apache Dubbo代码问题漏洞
Apache Dubbo is the United States Apache Apache Foundation of a lightweight Java-based RPC Remote Procedure Call framework. The product provides interface-based remote calling , fault tolerance and load balancing and automatic service registration and discovery. A deserialization vulnerability...