Spip 4.1.10 Admin Account Spoofing via Malicious SVG Upload

spip spip

D-Link DAP-1325 Hardware A1 Unauthenticated Configuration Download

D-Link DAP-1325 dlink dap-1325_firmware

PimpMyLog 1.7.14 Improper Access Control via Account Creation Endpoint

Pimpmylog PimpMyLog potsky pimp_my_log

WebsiteBaker 2.13.3 Stored Cross-Site Scripting via SVG File Upload

websitebaker WebsiteBaker websitebaker websitebaker

WebsiteBaker 2.13.3 Directory Traversal via Media Delete Endpoint

websitebaker WebsiteBaker websitebaker websitebaker

WBCE CMS 1.6.1 Cross-Site Scripting and Open Redirect Vulnerability

Unknown WBCE CMS wbce wbce_cms

Podcast Generator 安全漏洞

Unknown Unknown podcastgenerator podcast_generator

Rukovoditel 3.4.1 Multiple Stored Cross-Site Scripting via Configuration

Rukovoditel Rukovoditel rukovoditel rukovoditel

Rukovoditel 3.4.1 Multiple Stored Cross-Site Scripting via Comments

Rukovoditel Rukovoditel rukovoditel rukovoditel

phpfm 1.7.9 Authentication Bypass via Type Juggling Vulnerability

Dulldusk phpfm dulldusk phpfilemanager

tRPC has possible prototype pollution in `experimental_nextAppDirCaller`

trpc trpc trpc trpc

FileRise 跨站脚本漏洞

error311 FileRise filerise filerise

GLPI 跨站脚本漏洞

glpi-project glpi

HPE OneView 安全漏洞

Hewlett Packard Enterprise (HPE) HPE OneView hpe oneview

Exposure of Private Personal Information to an Unauthorized Actor vulnerability in RTI Connext Professional (Core Libraries) allows Sniffing Network Traffic.

RTI Connext Professional

parisc: Avoid crash due to unaligned access in unwinder

Linux Linux Linux Linux

page_pool: always add GFP_NOWARN for ATOMIC allocations

Linux Linux Linux Linux

lan966x: Fix sleeping in atomic context

Linux Linux Linux Linux

netconsole: Acquire su_mutex before navigating configs hierarchy

Linux Linux Linux Linux

clk: thead: th1520-ap: set all AXI clocks to CLK_IS_CRITICAL

Linux Linux Linux Linux