Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2.1.0 allows authenticated attackers to write arbitrary files

Stack overflow leading to DoS can be triggered by a malicious authenticated client in Clickhouse before 19.14.3.3.

Yandex Browser for Android prior to version 21.3.0 allows remote attackers to perform IDN homograph attack.

Yandex Browser Lite for Android prior to version 21.1.0 allows remote attackers to cause a denial of service.

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

Yandex Browser Lite for Android before 21.1.0 allows remote attackers to spoof the address bar.

In Eclipse JGit versions 7.2.0.202503040940-r and older, the ManifestParser class used by the repo command and the AmazonS3 class used to implement the experimental amazons3 git transport protocol allowing to store git pack files in an Amazon S3 bucket, are vulnerable to XML External Entity (XXE) a…

The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.2 via the 'template' parameter. This makes it possible for unauthenticated attackers to include and execute arbitrary files on the s…

A flaw was found in gnome-remote-desktop. Once gnome-remote-desktop listens for RDP connections, an unauthenticated attacker can exhaust system resources and repeatedly crash the process. There may be a resource leak after many attacks, which will also result in gnome-remote-desktop no longer being…

The DIGITS: WordPress Mobile Number Signup and Login WordPress plugin before 8.4.6.1 does not rate limit OTP validation attempts, making it straightforward for attackers to bruteforce them.