6.5
CVE-2025-22823 - WordPress Genesis Style Shortcodes Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in jtwerdy Genesis Style Shortcodes genesis-style-shortcodes allows DOM-Based XSS.This issue affects Genesis Style Shortcodes: from n/a through <= 1.0.
6.5
CVE-2025-22824 - WordPress Live Flight Radar Plugin <= 1.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in lucia.intelisano Live Flight Radar live-flight-radar allows Stored XSS.This issue affects Live Flight Radar: from n/a through <= 1.0.
6.5
CVE-2025-22826 - WordPress Sell Digital Downloads plugin <= 2.2.7 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in wpecommerce Sell Digital Downloads sell-digital-downloads allows Stored XSS.This issue affects Sell Digital Downloads: from n/a through <= 2.2.7.
6.5
CVE-2025-22827 - WordPress WP Joomag plugin <= 2.5.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in joomag WP Joomag wp-joomag allows DOM-Based XSS.This issue affects WP Joomag: from n/a through <= 2.5.2.
3.7
CVE-2024-10106 - Ember ZNet buffer overflow in 'packet handoff' plugin
A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer.
8.2
CVE-2023-24012 - Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Open DDS
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-com…
8.2
CVE-2023-24011 - Data Distribution Service (DDS) Chain of Trust (CoT) violation vulnerability in Cyclone DDS
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-com…
8.2
CVE-2023-24010 - Data Distribution Service (DDS) Chain of Trust (CoT) violation in Fast DDS
An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s validation. This is caused by a non-com…
5.5
CVE-2022-22491 - IBM App Connect Enterprise Certified Container denial of service
IBM App Connect Enterprise Certified Container 7.1, 7.2, 8.0, 8.1, 8.2, 9.0, 9.1, 9.2, 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, 12.3, and 12.4 operands running in Red Hat OpenShift do not restrict writing to the local filesystem, which may result in exhausting the ava…
5.4
CVE-2024-43176 - IBM OpenPages information disclosure
IBM OpenPages 9.0 could allow an authenticated user to obtain sensitive information such as configurations that should only be available to privileged users.