In certain Arm CPUs, a CPP RCTX instruction executed on one Processing Element (PE) may inhibit TLB invalidation when a TLBI is issued to the PE, either by the same PE or another PE in the shareability domain. In this case, the PE may retain stale TLB entries which should have been invalidated by th...
The Shipping Rate By Cities plugin for WordPress is vulnerable to SQL Injection via the 'city' parameter in all versions up to, and including, 2.0.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possi...
The AJS Footnotes plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'note_list_class' and 'popup_display_effect_in' parameters in all versions up to, and including, 1.0 due to missing authorization and nonce verification on settings save, as well as insuff...
The Name Directory plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'name_directory_name' and 'name_directory_description' parameters in all versions up to, and including, 1.30.3 due to insufficient input sanitization and output escaping. This makes it p...
The GeekyBot โ Generate AI Content Without Prompt, Chatbot and Lead Generation plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the chat message field in all versions up to, and including, 1.1.7 due to insufficient input sanitization and output escaping. This makes it possible f...
The DASHBOARD BUILDER โ WordPress plugin for Charts and Graphs plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5.7. This is due to missing nonce validation on the settings handler in dashboardbuilder-admin.php. This makes it possible for unaut...
The GetContentFromURL plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0. This is due to the plugin using wp_remote_get() instead of wp_safe_remote_get() to fetch content from a user-supplied URL in the 'url' parameter of the [gcfu] ...
Double free vulnerability in the multi-mode input module. Impact: Successful exploitation of this vulnerability may affect the input function.
The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow.
The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow.
The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow.
The drivers in the tool packages use RTL_QUERY_REGISTRY_DIRECT flag to read a registry value to which an untrusted user-mode application may be able to cause a buffer overflow.
WorkOrder CMS 0.1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to bypass login by manipulating username and password parameters. Attackers can inject malicious SQL queries using techniques like OR '1'='1' and stacked queries to access database in...
Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be run with system-level permissi...
Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\medicont3\ to inject malicious code that would execute with Lo...
Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire ...
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalS...
Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing mali...
e107 CMS version 3.2.1 contains a critical file upload vulnerability that allows authenticated administrators to override arbitrary server files through path traversal. The vulnerability exists in the Media Manager's remote URL upload functionality (image.php) where the upload_caption parameter...
CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject malicious code in the service binary path, potentially executing arbitrary code with elevated system priv...