11 matches found
EUVD-2024-49886
Malicious code in bioql PyPI...
EUVD-2022-4419
Malicious code in bioql PyPI...
CVE-2025-6730
The Bonanza – WooCommerce Free Gifts Lite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the xlooptincall function in all versions up to, and including, 1.0.0. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2025-3880
The Poll, Survey & Quiz Maker Plugin by Opinion Stage plugin for WordPress is vulnerable to unauthorized modification of data due to a misconfigured capability check on several functions in all versions up to, and including, 19.9.0. This makes it possible for authenticated attackers, with...
CVE-2020-13186
An Anti CSRF mechanism was discovered missing in the Teradici Cloud Access Connector v31 and earlier in a specific web form, which allowed an attacker with knowledge of both a machineID and user GUID to modify data if a user clicked a malicious link...
CVE-2025-2933
The CVE-2025-2933 entry concerns the Email Notifications for Updates WordPress plugin. Root cause: missing capability check in awun_import_settings(), affecting all versions up to 1.1.6. This allows authenticated attackers with Subscriber-level access and above to modify arbitrary WordPress optio...
CVE-2025-26660
SAP Fiori applications using the posting library fail to properly configure security settings during the setup process, leaving them at default or inadequately defined. This vulnerability allows an attacker with low privileges to bypass access controls within the application, enabling them to...
CVE-2024-13651
CVE-2024-13651 affects the RapidLoad – Optimize Web Vitals Automatically WordPress plugin (versions up to 2.4.4). The underlying issue is a missing capability check in ajax_deactivate(), enabling authenticated users with Subscriber+ privileges to modify plugin settings. Public details from multip...
CVE-2024-10855 Image Optimizer, Resizer and CDN – Sirv <= 7.3.0 - Missing Authorization to Authenticated (Contributor+) Arbitrary Option Deletion
The Image Optimizer, Resizer and CDN – Sirv plugin for WordPress is vulnerable to unauthorized modification of data that can lead to a denial of service due to insufficient validation on the filename parameter of the sirvuploadfilebychunks function and lack of in all versions up to, and including...
Oracle E-Business Suite security vulnerability
Oracle E-Business Suite is a fully integrated set of global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business Suite...
CVE-2014-8242
librsync before 1.0.0 uses a truncated MD4 checksum to match blocks, which makes it easier for remote attackers to modify transmitted data via a birthday attack...