Apache Airflow Providers Edge3: Edge3 Worker RPC RCE on Airflow 2

Apache Software Foundation Apache Airflow Providers Edge3 apache apache-airflow-providers-edge3

Privilege boundary violation in Radiometer Products

Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers Radiometer Medical Aps ABL90 FLEX and ABL90 FLEX PLUS Analyzers +4个

IDOR in GG Soft's PaperWork

GG Soft Software Services Inc. PaperWork

Reflected XSS in Proliz's OBS

Proliz Software Ltd. OBS (Student Affairs Information System)0

Download Plugins and Themes from Dashboard <= 1.9.6 - Cross-Site Request Forgery to Bulk Plugin/Theme Archival

wpcodefactory Download Plugins and Themes in ZIP from Dashboard

Zephyr Project Manager <= 3.3.203 - Authenticated (Custom+) Arbitrary File Read And Server-Side Request Forgery

dylanjkotze Zephyr Project Manager

Ninja Forms – The Contact Form Builder That Grows With You <= 3.13.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Information Exposure via Unscoped Bearer Token

kstover Ninja Forms – The Contact Form Builder That Grows With You ninjaforms ninja_forms

Converter for Media <= 6.3.2 - Missing Authorization to Authenticated (Subscriber+) Optimized Image Deletion via regenerate-attachment REST Endpoint

mateuszgbiorczyk Converter for Media – Optimize images | Convert WebP & AVIF

Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent <= 4.0.7 - Missing Authorization to Unauthenticated Arbitrary Post Deletion

wplegalpages Cookie Banner, Cookie Consent, Consent Log, Cookie Scanner, Script Blocker (for GDPR, CCPA & ePrivacy) : WP Cookie Consent

TECNO Pova6 Pro 5G 安全漏洞

TECNO Tecno Pova6 Pro 5G transsion hios

Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss <= 2.10.2 - Unauthenticated Stored Cross-Site Scripting

wordplus Better Messages – Live Chat for WordPress, BuddyPress, PeepSo, Ultimate Member, BuddyBoss

WP Recipe Maker <= 10.2.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

brechtvds WP Recipe Maker

WP Social Ninja - Embed Social Feeds, Customer Reviews, Chat Widgets (Google Reviews, YouTube Feed, Photo Feeds, and More) <= 4.0.1 - Missing Authorization to Unauthenticated Plugin's Settings Disclosure And Modification

adreastrian WP Social Ninja – Embed Social Feeds, User Reviews & Chat Widgets

HTML Forms – Simple WordPress Forms Plugin <= 1.6.0 - Unauthenticated Stored Cross-Site Scripting

linksoftware HTML Forms – Simple WordPress Forms Plugin

"UNSUPPORTED WHEN ASSIGNED" Certain versions of the ASUS Live Update client were distributed with un...

ASUS live update asus live_update

An out-of-bounds read vulnerability has been identified in the asComSvc service. This vulnerability ...

ASUS Armoury Crate

An uncontrolled resource consumption vulnerability affects certain ASUS motherboards using Intel B4...

ASUS B460 series ASUS B560 series +11个

Cross-site request forgery vulnerability exists in GROWI v7.3.3 and earlier. If a user views a malic...

GROWI, Inc. GROWI

Acer｜ListCheck.exe - Local Privilege Escalation

Acer ListCheck.exe

ASRock, ASRockRack, ASRockInd｜Motherboard - Protection Mechanism Failure

ASRock Intel 500 chipset motherboard ASRockRack Intel 500 chipset motherboard +10个