Owl Cyber Defense OPDS 安全漏洞

Owl Cyber Defense OPDS is a network isolation device developed by Owl Cyber Defense Corporation in the United States. Version 2.2.0.4 of Owl Cyber Defense OPDS contains a security vulnerability, which stems from improper allocation of permissions for critical resources, potentially leading to fil...

Mozilla Firefox < 1.5.0.4

The version of Firefox installed on the remote macOS or Mac OS X host is prior to 1.5.0.4. It is, therefore, affected by a vulnerability as referenced in the mfsa2006-31 advisory. - EvalInSandbox in Mozilla Firefox and Thunderbird before 1.5.0.4 allows remote attackers to gain privileges via...

WordPress WP Filter & Combine RSS Feeds plugin <= 0.4 - Missing Authorization to Authenticated (Contributor+) Feed Deletion vulnerability

Missing Authorization to Authenticated Contributor+ Feed Deletion vulnerability discovered by ch4r0n in WordPress Plugin WP Filter & Combine RSS Feeds versions = 0.4...

CVE-2025-27337

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in kontur Fontsampler fontsampler allows Reflected XSS.This issue affects Fontsampler: from n/a through = 0.4.14...

CVE-2025-31558

TailPress (TailPress – Tailwind for WordPress) vulnerability CVE-2025-31558 affects TailPress versions up to and including 0.4.4. The issue is described as an Insertion of Sensitive Information into Externally-Accessible File or Directory, enabling retrieval of embedded sensitive data. The availa...

CVE-2024-10051 Unauthenticated Denial of Service in shaunwei/realchar

Realchar version v0.0.4 is vulnerable to an unauthenticated denial of service DoS attack. The vulnerability exists in the file upload request handling, where appending characters, such as dashes -, to the end of a multipart boundary in an HTTP request causes the server to continuously process eac...

WordPress plugin Sandbox 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site...

WordPress plugin Amazon Associate Filter 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forger...

Kerui HD 3MP 1080P Tuya Camera 安全漏洞

Kerui HD 3MP 1080P Tuya Camera is a high-definition surveillance camera from Kerui. A security vulnerability exists in Kerui HD 3MP 1080P Tuya Camera version 1.0.4, which stems from the presence of a command injection vulnerability that allows an attacker to create a customized, unauthenticated Q...

CVE-2022-30858

An issue was discovered in ngiflib 0.4. There is SEGV in SDLLoadAnimatedGif when use SDLaffgif. poc : ./SDLaffgif CAfile20...

SUSE CVE-2021-31155

Failure to normalize the umask in please before 0.4 allows a local attacker to gain full root privileges if they are allowed to execute at least one command...

Charm 加密问题漏洞

Charm is Charm is a framework for rapidly prototyping advanced cryptosystems. A cryptographic issue vulnerability exists in Charm version 0.43. Using this vulnerability any single user can decrypt DAC-MACS or MA-ABE-YJ14 data...

PT-2021-16809 · Cosmos +1 · Cosmos Network Ethermint +1

Name of the Vulnerable Software and Affected Versions: Cosmos Network Ethermint versions = v0.4.0 Description: The issue is related to a transaction replay vulnerability in the EVM module. If a victim sends a very large nonce transaction, an attacker can replay the transaction through the...