| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Cross-Site Request Forgery (CSRF) vulnerability in Webaholicson Epicwin Plugin allows SQL Injection. This issue affects Epicwin Plugin: from n/a through 1.5. |
| The SVG Case Study plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses the SVG file. |
| Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Kaedinger Audio Comparison Lite audio-comparison-lite allows Stored XSS.This issue affects Audio Comparison Lite: from n/a through 3.4. |
| Server Side Request Forgery (SSRF) vulnerability in Pixelcurve Edubin edubin.This issue affects Edubin: from n/a through 9.2.0. |
| NVIDIA GPU Display Driver for Linux contains a vulnerability where an attacker may access a memory location after the end of the buffer. A successful exploit of this vulnerability may lead to denial of service and data tampering. |
| Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in aaronfrey Nearby Locations allows SQL Injection. This issue affects Nearby Locations: from n/a through 1.1.1. |
| Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in N.O.U.S. Open Useful and Simple Event post allows PHP Local File Inclusion.This issue affects Event post: from n/a through 5.9.5. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NotFound WP Easy Post Mailer allows Reflected XSS. This issue affects WP Easy Post Mailer: from n/a through 0.64. |
| Cross-Site Request Forgery (CSRF) vulnerability in Vladimir Prelovac Plugin Central allows Path Traversal. This issue affects Plugin Central: from n/a through 2.5.1. |
| Missing Authorization vulnerability in Post Grid Team by RadiusTheme The Post Grid allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects The Post Grid: from n/a through 7.7.4. |
| Cross-Site Request Forgery (CSRF) vulnerability in NotFound Booknetic. This issue affects Booknetic: from n/a through 4.0.9. |
| eProsima Fast DDS (formerly Fast RTPS) is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Even with the application of SROS2, due to the issue where the data (`p[UD]`) and `guid` values used to disconnect between nodes are not encrypted, a vulnerability has been discovered where a malicious attacker can forcibly disconnect a Subscriber and can deny a Subscriber attempting to connect. Afterwards, if the attacker sends the packet for disconnecting, which is data (`p[UD]`), to the Global Data Space (`239.255.0.1:7400`) using the said Publisher ID, all the Subscribers (Listeners) connected to the Publisher (Talker) will not receive any data and their connection will be disconnected. Moreover, if this disconnection packet is sent continuously, the Subscribers (Listeners) trying to connect will not be able to do so. Since the initial commit of the `SecurityManager.cpp` code (`init`, `on_process_handshake`) on Nov 8, 2016, the Disconnect Vulnerability in RTPS Packets Used by SROS2 has been present prior to versions 2.13.0, 2.12.2, 2.11.3, 2.10.3, and 2.6.7. |
| Mailcow through 2024-11b has a session fixation vulnerability in the web panel. It allows remote attackers to set a session identifier when HSTS is disabled on a victim's browser. After a user logs in, they are authenticated and the session identifier is valid. Then, a remote attacker can access the victim's web panel with the same session identifier. |
| Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Unfoldwp Blogmine allows PHP Local File Inclusion. This issue affects Blogmine: from n/a through 1.1.7. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WP Lab WP-Lister Lite for Amazon allows Stored XSS.This issue affects WP-Lister Lite for Amazon: from n/a through 2.6.11.
|
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Detlef Stöver WPEX Replace DB Urls allows Reflected XSS.This issue affects WPEX Replace DB Urls: from n/a through 0.4.0. |
| Deserialization of Untrusted Data vulnerability in GiveWP.This issue affects GiveWP: from n/a through 3.4.2.
|
| Cross-Site Request Forgery (CSRF) vulnerability in Kreg Steppe Auphonic Importer allows Stored XSS.This issue affects Auphonic Importer: from n/a through 1.5.1. |
| The Sign In With Google plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.8.0. This is due to the 'authenticate_user' user function not implementing sufficient null value checks when setting the access token and user information. This makes it possible for unauthenticated attackers to log in as the first user who has signed in using Google OAuth, which could be the site administrator. |
| In the Linux kernel, the following vulnerability has been resolved:
riscv/kprobe: Fix instruction simulation of JALR
Set kprobe at 'jalr 1140(ra)' of vfs_write results in the following
crash:
[ 32.092235] Unable to handle kernel access to user memory without uaccess routines at virtual address 00aaaaaad77b1170
[ 32.093115] Oops [#1]
[ 32.093251] Modules linked in:
[ 32.093626] CPU: 0 PID: 135 Comm: ftracetest Not tainted 6.2.0-rc2-00013-gb0aa5e5df0cb-dirty #16
[ 32.093985] Hardware name: riscv-virtio,qemu (DT)
[ 32.094280] epc : ksys_read+0x88/0xd6
[ 32.094855] ra : ksys_read+0xc0/0xd6
[ 32.095016] epc : ffffffff801cda80 ra : ffffffff801cdab8 sp : ff20000000d7bdc0
[ 32.095227] gp : ffffffff80f14000 tp : ff60000080f9cb40 t0 : ffffffff80f13e80
[ 32.095500] t1 : ffffffff8000c29c t2 : ffffffff800dbc54 s0 : ff20000000d7be60
[ 32.095716] s1 : 0000000000000000 a0 : ffffffff805a64ae a1 : ffffffff80a83708
[ 32.095921] a2 : ffffffff80f160a0 a3 : 0000000000000000 a4 : f229b0afdb165300
[ 32.096171] a5 : f229b0afdb165300 a6 : ffffffff80eeebd0 a7 : 00000000000003ff
[ 32.096411] s2 : ff6000007ff76800 s3 : fffffffffffffff7 s4 : 00aaaaaad77b1170
[ 32.096638] s5 : ffffffff80f160a0 s6 : ff6000007ff76800 s7 : 0000000000000030
[ 32.096865] s8 : 00ffffffc3d97be0 s9 : 0000000000000007 s10: 00aaaaaad77c9410
[ 32.097092] s11: 0000000000000000 t3 : ffffffff80f13e48 t4 : ffffffff8000c29c
[ 32.097317] t5 : ffffffff8000c29c t6 : ffffffff800dbc54
[ 32.097505] status: 0000000200000120 badaddr: 00aaaaaad77b1170 cause: 000000000000000d
[ 32.098011] [<ffffffff801cdb72>] ksys_write+0x6c/0xd6
[ 32.098222] [<ffffffff801cdc06>] sys_write+0x2a/0x38
[ 32.098405] [<ffffffff80003c76>] ret_from_syscall+0x0/0x2
Since the rs1 and rd might be the same one, such as 'jalr 1140(ra)',
hence it requires obtaining the target address from rs1 followed by
updating rd.
[Palmer: Pick Guo's cleanup] |
