1029 matches found
WordPress plugin Export WP Page to Static HTML/CSS Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to set up a personal blog site on a PHP and MySQL based server. WordPress plugin is an application plugin. WordPress plugin...
@acmekit/acmekit-oas-cli (>=2.13.1 <=2.13.94), @acmekit/cli (>=2.13.1 <=2.13.94) +136 more potentially affected by CVE-2026-44680 via @mikro-orm/knex (>=6.0.0-dev.110 <=6.6.14-dev.3)
@mikro-orm/knex NPM version =6.0.0-dev.110, =2.13.1, =2.13.1, =2.13.1, =2.13.1, =2.13.1, =2.13.1, =2.13.1, =2.13.1, =0.0.1, =0.5.0, =0.1.29, =0.6.8 and more Source cves: CVE-2026-44680 Source advisory: SNYK:JS-MIKROORMKNEX-16624725...
CVE-2026-4708 Incorrect boundary conditions in the Graphics component
Incorrect boundary conditions in the Graphics component. This vulnerability was fixed in Firefox 149, Firefox ESR 140.9, Thunderbird 149, and Thunderbird 140.9...
EUVD-2022-35000
Malicious code in bioql PyPI...
PT-2025-29504
Name of the Vulnerable Software and Affected Versions: ImageMagick versions prior to 7.1.2-0 ImageMagick versions prior to 6.9.13-26 Description: ImageMagick is free and open-source software used for editing and manipulating digital images. A heap buffer overflow exists in the...
CVE-2020-5573
Android App 'kintone mobile for Android' 1.0.0 to 2.5 allows an attacker to obtain credential information registered in the product via unspecified vectors...
CVE-2023-53048
In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix warning when handle discover_identity message Since both source and sink device can send discover_identity message in PD3, kernel may dump below warning: ------------ cut here ------------ WARNING: CPU: 0 PID:...
CVE-2022-49903
In the Linux kernel, the following vulnerability has been resolved: ipv6: fix WARNING in ip6_route_net_exit_late() During the initialization of ip6_route_net_init_late(), if file ipv6_route or rt6_stats fails to be created, the initialization is successful by default. Therefore, the ipv6_route or rt6_stats file...
Important: libreoffice
Issue Overview: Certificate Validation user interface in LibreOffice allows potential vulnerability. Signed macros are scripts that have been digitally signed by the developer using a cryptographic signature. When a document with a signed macro is opened a warning is displayed by LibreOffice befo...
Access Restriction Bypass
Overview Affected versions of this package are vulnerable to Access Restriction Bypass by embedding non-network imports in data URLs. Exploiting this vulnerability allows an attacker to execute arbitrary code, compromising system security. Remediation Upgrade nodejs to version 20.16.0 or higher...
PT-2024-31574 · WordPress · Kkprogressbar2 Free
Name of the Vulnerable Software and Affected Versions: KKProgressbar2 Free WordPress plugin versions 1.1.4.2 and earlier Description: The issue allows admin users to perform SQL injection attacks due to the lack of sanitization and escaping of a parameter before using it in a SQL statement...
Warning issued over vulnerability in cardiac device monitoring software
The Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a vulnerability that could result in remote code execution or a denial-of-service (DoS) condition impacting a healthcare delivery organization's Paceart Optima system. Paceart Optima is a software application that...
PT-2023-35496 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.14.306 Description: The issue is related to a wrong-direction WARNING in plusb.c. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
PT-2022-36518 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.265 Description: The issue is related to a WARNING in the ip_vs_app_net_cleanup function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prio...
PT-2022-34432 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v4.19.256 Description: The issue is related to a warning for CONFIG_CPUMASK_OFFSTACK in the cpuinfo area of the MIPS architecture. The actual impact and potential for attack have not been proven yet...
PT-2022-34175 · Linux · Linux Kernel
Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.137 Description: The issue is related to a warning in the isl29028_remove function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...
CVE-2022-24376
All versions of package git-promise are vulnerable to Command Injection due to an inappropriate fix of a prior vulnerability in this package. Note: Please note that the vulnerability will not be fixed. The README file was updated with a warning regarding this issue...
PT-2022-16654 · Unknown · Git-Promise
Name of the Vulnerable Software and Affected Versions: git-promise, all versions Description: The issue is related to Command Injection due to an inappropriate fix of a prior vulnerability in the git-promise package. The README file was updated with a warning regarding this issue. It is noted that...
hartverwarmendkoken.nl Improper Access Control vulnerability OBB-2241728
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
DLL hijacking vulnerability in Dell's pre-installed SupportAssist components: more than 1 billion devices worldwide face a cyber-attack risk - vulnerability warning - the black bar safety net
SupportAssist is a powerful support application that helps ensure the user's system is always running optimally, proactively finds problems, and allows you to run the diagnostic program and the driver update scan. Recently, however, researchers have found that this tool softwa...