Vulmon
The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging....
The easy-digital-downloads plugin before 2.9.16 for WordPress has XSS related to IP address logging....
The companion-sitemap-generator plugin before 3.7.0 for WordPress has CSRF....
The jayj-quicktag plugin before 1.3.2 for WordPress has CSRF....
The companion-auto-update plugin before 3.2.1 for WordPress has local file inclusion....
The invite-anyone plugin before 1.3.16 for WordPress has incorrect escaping of untrusted Dashboard and front-end input....
The easy-digital-downloads plugin before 2.3.3 for WordPress has SQL injection....
A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container user can cause a host...
fstream before 1.0.12 is vulnerable to Arbitrary File Overwrite. Extracting tarballs containing a hardlink to a file that already exists in the system, and a file that matches the hardlink, will overwrite the system's file with the contents of the extracted file. The...
A race condition in the one-pass compression functions of Zstandard prior to version 1.3.8 could allow an attacker to write bytes out of bounds if an output buffer smaller than the recommended size was used....
A vulnerability in the normalization functionality of Cisco Firepower Threat Defense Software, Cisco FirePOWER Services Software for ASA, and Cisco Firepower Management Center Software could allow an unauthenticated, remote attacker to bypass filtering protections. The...