| CVE-2022-2190 | The Gallery Plugin for WordPress plugin before 1.8.4.7 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers | medium |
| CVE-2022-2167 | The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting | medium |
| CVE-2021-47293 | In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently tcf_skbmod_act() assumes that packets use Ethernet as their L2 protocol, which is not always the case. As an example, for CAN devices: $ ip link add dev vcan0 type vcan $ ip link set up vcan0 $ tc qdisc add dev vcan0 root handle 1: htb $ tc filter add dev vcan0 parent 1: protocol ip prio 10 \ matchall action skbmod swap mac Doing the above silently corrupts all the packets. Do not perform skbmod actions for non-Ethernet packets. | high |
| CVE-2021-46850 | myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable to command injection. An authenticated and remote administrative user can execute arbitrary commands via the v_sftp_license parameter when sending HTTP POST requests to the /edit/server endpoint. | high |
| CVE-2021-46848 | GNU Libtasn1 before 4.19.0 has an ETYPE_OK off-by-one array size check that affects asn1_encode_simple_der. | critical |
| CVE-2021-46757 | Insufficient checking of memory buffer in ASP Secure OS may allow an attacker with a malicious TA to read/write to the ASP Secure OS kernel virtual address space potentially leading to privilege escalation. | high |
| CVE-2021-42777 | Stimulsoft (aka Stimulsoft Reports) 2013.1.1600.0, when Compilation Mode is used, allows an attacker to execute arbitrary C# code on any machine that renders a report, including the application server or a user's local machine, as demonstrated by System.Diagnostics.Process.Start. | critical |
| CVE-2021-42553 | A buffer overflow vulnerability in stm32_mw_usb_host of STMicroelectronics in versions before 3.5.1 allows an attacker to execute arbitrary code when the descriptor contains more endpoints than USBH_MAX_NUM_ENDPOINTS. The library is typically integrated when using a RTOS such as FreeRTOS on STM32 MCUs. | critical |
| CVE-2021-42010 | Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue. | critical |
| CVE-2021-40661 | A remote, unauthenticated, directory traversal vulnerability was identified within the web interface used by IND780 Advanced Weighing Terminals Build 8.0.07 March 19, 2018 (SS Label 'IND780_8.0.07'), Version 7.2.10 June 18, 2012 (SS Label 'IND780_7.2.10'). It was possible to traverse the folders of the affected host by providing a traversal path to the 'webpage' parameter in AutoCE.ini This could allow a remote unauthenticated adversary to access additional files on the affected system. This could also allow the adversary to perform further enumeration against the affected host to identify the versions of the systems in use, in order to launch further attacks in future. | high |
| CVE-2021-40241 | xfig 3.2.7 is vulnerable to Buffer Overflow. | critical |
| CVE-2021-38737 | SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php. | critical |
| CVE-2021-38736 | SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php. | critical |
| CVE-2021-38734 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php. | critical |
| CVE-2021-38733 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_BlogCat.php. | critical |
| CVE-2021-38732 | SEMCMS SHOP v 1.1 is vulnerable to SQL via Ant_Message.php. | critical |
| CVE-2021-38731 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Zekou.php. | critical |
| CVE-2021-38730 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Info.php. | critical |
| CVE-2021-38729 | SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Plist.php. | critical |
| CVE-2021-38728 | SEMCMS SHOP v 1.1 is vulnerable to Cross Site Scripting (XSS) via Ant_M_Coup.php. | medium |
| CVE-2021-37781 | Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php. | medium |
| CVE-2021-35388 | Hospital Management System v 4.0 is vulnerable to Cross Site Scripting (XSS) via /hospital/hms/admin/patient-search.php. | medium |
| CVE-2021-35387 | Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php. | high |
| CVE-2021-24502 | The WP Google Map WordPress plugin before 1.7.7 did not sanitise or escape the Map Title before outputting them in the page, leading to a Stored Cross-Site Scripting issue by high privilege users, even when the unfiltered_html capability is disallowed | medium |
| CVE-2021-24130 | Unvalidated input in the WP Google Map Plugin WordPress plugin, versions before 4.1.5, in the Manage Locations page within the plugin settings was vulnerable to SQL Injection through a high privileged user (admin+). | high |
| CVE-2020-36774 | plugins/gtk+/glade-gtk-box.c in GNOME Glade before 3.38.1 and 3.39.x before 3.40.0 mishandles widget rebuilding for GladeGtkBox, leading to a denial of service (application crash). | medium |
| CVE-2020-21016 | D-Link DIR-846 devices with firmware 100A35 allow remote attackers to execute arbitrary code as root via HNAP1/control/SetGuestWLanSettings.php. | critical |
| CVE-2020-10196 | An XSS vulnerability in the popup-builder plugin before 3.64.1 for WordPress allows remote attackers to inject arbitrary JavaScript into existing popups via an unsecured ajax action in com/classes/Ajax.php. It is possible for an unauthenticated attacker to insert malicious JavaScript in several of the popup's fields by sending a request to wp-admin/admin-ajax.php with the POST action parameter of sgpb_autosave and including additional data in an allPopupData parameter, including the popup's ID (which is visible in the source of the page in which the popup is inserted) and arbitrary JavaScript which will then be executed in the browsers of visitors to that page. Because the plugin functionality automatically adds script tags to data entered into these fields, this injection will typically bypass most WAF applications. | medium |
| CVE-2020-10195 | The popup-builder plugin before 3.64.1 for WordPress allows information disclosure and settings modification, leading to in-scope privilege escalation via admin-post actions to com/classes/Actions.php. By sending a POST request to wp-admin/admin-post.php, an authenticated attacker with minimal (subscriber-level) permissions can modify the plugin's settings to allow arbitrary roles (including subscribers) access to plugin functionality by setting the action parameter to sgpbSaveSettings, export a list of current newsletter subscribers by setting the action parameter to csv_file, or obtain system configuration information including webserver configuration and a list of installed plugins by setting the action parameter to sgpb_system_info. | medium |
| CVE-2016-10878 | The wp-google-map-plugin plugin before 3.1.2 for WordPress has XSS. | medium |
| CVE-2015-9309 | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit category feature. | high |
| CVE-2015-9308 | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit map feature. | high |
| CVE-2015-9307 | The wp-google-map-plugin plugin before 2.3.10 for WordPress has CSRF in the add/edit location feature. | high |
| CVE-2015-9305 | The wp-google-map-plugin plugin before 2.3.7 for WordPress has XSS related to the add_query_arg() and remove_query_arg() functions. | medium |
| CVE-2025-47303 | Rejected reason: Not used | No Score |
| CVE-2025-47302 | Rejected reason: Not used | No Score |
| CVE-2025-47301 | Rejected reason: Not used | No Score |
| CVE-2025-47300 | Rejected reason: Not used | No Score |
| CVE-2025-47299 | Rejected reason: Not used | No Score |
| CVE-2025-47298 | Rejected reason: Not used | No Score |
| CVE-2025-47297 | Rejected reason: Not used | No Score |
| CVE-2025-47296 | Rejected reason: Not used | No Score |
| CVE-2025-47268 | ping in iputils through 20240905 allows a denial of service (application error or incorrect data collection) via a crafted ICMP Echo Reply packet, because of a signed 64-bit integer overflow in timestamp multiplication. | medium |
| CVE-2025-45618 | Incorrect access control in the component /admin/sys/datasource/ajaxList of jeeweb-mybatis-springboot v0.0.1.RELEASE allows attackers to access sensitive information via a crafted payload. | medium |
| CVE-2025-45617 | Incorrect access control in the component /user/list of production_ssm v0.0.1-SNAPSHOT allows attackers to access sensitive information via a crafted payload. | high |
| CVE-2025-45616 | Incorrect access control in the /admin/** API of brcc v1.2.0 allows attackers to gain access to Admin rights via a crafted request. | critical |
| CVE-2025-45615 | Incorrect access control in the /admin/ API of yaoqishan v0.0.1-SNAPSHOT allows attackers to gain access to Admin rights via a crafted request. | critical |
| CVE-2025-45614 | Incorrect access control in the component /api/user/manager of One v1.0 allows attackers to access sensitive information via a crafted payload. | high |
| CVE-2025-45613 | Incorrect access control in the component /user/list of Shiro-Action v0.6 allows attackers to access sensitive information via a crafted payload. | high |
| CVE-2025-45612 | Incorrect access control in xmall v1.1 allows attackers to bypass authentication via a crafted GET request to /index. | critical |
