10 matches found
CVE-2026-35235
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
WordPress WooMS Plugin <= 9.12 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Nabil Irawan in WordPress Plugin WooMS versions = 9.12...
CVE-2025-8573 Concrete CMS 9 through 9.4.2 is vulnerable to Stored XSS from Home Folder on Members Dashboard page
Concrete CMS versions 9 through 9.4.2 are vulnerable to Stored XSS from Home Folder on Members Dashboard page. Version 8 was not affected. A rogue admin could set up a malicious folder containing XSS to which users could be directed upon login. The Concrete CMS security team gave this...
py-mysql-connector-python -- Vulnerability in the MySQL Connectors product of Oracle MySQL
Oracle reports: Vulnerability in the MySQL Connectors product of Oracle MySQL component: Connector/Python. Supported versions that are affected are 9.1.0 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL...
Vulnerability fixed in OpenSSH
The developers of OpenSSH have fixed a vulnerability in OpenSSH The vulnerability allows a malicious party to execute arbitrary code with privileges of the sshd process without prior authentication. It cannot be ruled out that the ssh process is running with elevated privileges, making it possibl...
PT-2024-23670 · Derbynet · Derbynet
Name of the Vulnerable Software and Affected Versions: DerbyNet versions 9.0 and below Description: A Cross Site Scripting issue allows a remote attacker to execute arbitrary code via the "render-document.php" component. This enables the attacker to perform unauthorized actions on the affected...
PT-2024-15151
Name of the Vulnerable Software and Affected Versions WP Recipe Maker plugin for WordPress versions up to, and including, 9.1.0 Description The issue is related to Reflected Cross-Site Scripting via the 'Referer' header due to insufficient input sanitization and output escaping. This allows...
PT-2023-9208 · Unknown +10 · Frrouting Frr +10
Name of the Vulnerable Software and Affected Versions: FRRouting FRR versions through 9.0.1 Description: An issue was discovered in FRRouting where a crash can occur when a malformed BGP UPDATE message with an EOR is processed. This happens because the presence of EOR does not lead to a...
IBM Security Guardium Database Activity Monitor Authorization Vulnerability
IBM Security Guardium Database Activity Monitor is a database activity monitor product from IBM USA. The product provides features such as automated controls for compliance and protection against internal and external threats. An authorization vulnerability exists in IBM Security Guardium Databas...
VMware Tools Local Elevation of Privilege Vulnerability (CNVD-2016-07808)
VMware Tools is a set of enhancements that come with VMware's VMWare virtual machines. It is a set of drivers provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of the virtual machines with those of the host computer. A...