4 matches found
EUVD-2026-12610
Sipeed NanoKVM before 2.3.1 exposes a Wi-Fi configuration endpoint without proper security checks, allowing an unauthenticated attacker with network access to change the saved configured Wi-Fi network to one of the attacker's choosing, or craft a request to exhaust the system memory and terminate...
WordPress TablePress Plugin <= 2.3.1 is vulnerable to Server Side Request Forgery (SSRF)
Software TablePress Type Plugin Vulnerable versions = 2.3.1 Fixed in 2.3.2 OWASP Top 10 A1: Injection Classification Server Side Request Forgery SSRF CVE CVE-2024-4354 Patch priority Low CVSS severity Low 6.4 Developer TablePress PSID e683cfb42286 Credits Tobias Weißhaar kun19 Required privilege...
WordPress Ultimate Posts Widget Plugin < 2.3.1 is vulnerable to Cross Site Scripting (XSS)
Software Ultimate Posts Widget Type Plugin Vulnerable versions 2.3.1 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0561 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 4601be1431bf Credits Dmitrii ignatyev...
c4v-py (>=0.1.0.dev1 <=0.1.0.dev202107081840) potentially affected by CVE-2021-29575 via tensorflow-cpu (=2.3.1)
tensorflow-cpu PYPI version =2.3.1 is affected by a known vulnerability. The following packages have a transitive dependency on tensorflow-cpu and may be impacted: - c4v-py =0.1.0.dev1, =0.1.0.dev202107081840 Source cves: CVE-2021-29575 Source advisory: OSV:GHSA-6QGM-FV6V-RFPV...