5.9
CVE-2025-11380 - Everest Backup <= 2.3.5 - Missing Authorization to Unauthenticated Information Exposure
The Everest Backup – WordPress Cloud Backup, Migration, Restore & Cloning Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'everest_process_status' AJAX action in all versions up to, and including, 2.3.5. This makes it possible for un…
6.4
CVE-2025-9560 - Colibri Page Builder <= 1.0.334 - Authenticated (Contributor+) Stored Cross-Site Scripting via coli…
The Colibri Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's colibri_newsletter shortcode in all versions up to, and including, 1.0.334 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for a…
6.2
CVE-2025-54654 -
Permission control vulnerability in the Gallery module. Successful exploitation of this vulnerability may affect service confidentiality.
5.3
CVE-2025-11590 - CodeAstro Gym Management System equipment-entry.php sql injection
A weakness has been identified in CodeAstro Gym Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/equipment-entry.php. Executing a manipulation of the argument ename can lead to SQL injection. It is possible to launch the attack remotely. The explo…
7.5
CVE-2025-31718 -
In modem, there is a possible system crash due to improper input validation. This could lead to remote escalation of privilege with no additional execution privileges needed.
7.5
CVE-2025-31717 -
In modem, there is a possible system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
5.5
CVE-2025-11626 - Loop with Unreachable Exit Condition ('Infinite Loop') in Wireshark
MONGO dissector infinite loop in Wireshark 4.4.0 to 4.4.9 and 4.2.0 to 4.2.13 allows denial of service.
5.3
CVE-2025-9554 - Owl Carousel 2 - Critical - Unsupported - SA-CONTRIB-2025-104
Vulnerability in Drupal Owl Carousel 2. This issue affects Owl Carousel 2: *.*.
7.5
CVE-2025-62162 - cel-rust May Panic During Parsing of Invalid CEL Expressions
cel-rust is a Common Expression Language interpreter written in Rust. Starting in version 0.10.0 and prior to version 0.11.4, parsing certain malformed CEL expressions can cause the parser to panic, terminating the process. When the crate is used to evaluate untrusted expressions (e.g., user-suppli…
5.3
CVE-2025-9553 - API Key manager - Critical - Unsupported - SA-CONTRIB-2025-103
Vulnerability in Drupal API Key manager. This issue affects API Key manager: *.*.