Alerts

IBM Storage Scale GUI 5.1.9.0 through 5.1.9.6 and 5.2.0.0 through 5.2.1.1 could allow a user to perform unauthorized actions after intercepting and modifying a csv file due to improper...

A vulnerability in the packet processing functionality of Cisco access point (AP) software could allow an unauthenticated, adjacent attacker to exhaust resources on an affected device. 

This vulnerability is due to insufficient management of...

The vulnerability occurs in the parsing of CSP files. The issues result from the lack of proper validation of user-supplied data, which could allow reading past the end of allocated data...

Horner Automation Cscape contains a memory corruption vulnerability, which could allow an attacker to disclose information and execute arbitrary code.

A logic vulnerability in the the mobile application (com.transsion.applock) can lead to bypassing the application password.

The Responsive Filterable Portfolio plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.8 due to insufficient escaping on...

The AR for WordPress plugin for WordPress is vulnerable to unauthorized double extension file upload due to a missing capability check on the set_ar_featured_image() function in all versions up to,...

The Hello In All Languages plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.6. This is due to missing or incorrect nonce validation on a...

The NewsmanApp plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'newsman_subscribe_widget' shortcode in all versions up to, and including, 2.7.6 due...