8.5
CVE-2024-12021 - Stored Cross-Site Scripting
Coverity versions prior to 2024.9.0 are vulnerable to stored cross-site scripting (XSS) in various administrative interfaces. The impact of exploitation may result in the compromise of local accounts managed by the Coverity platform as well as other standard impacts resulting from cross-site scriptβ¦
4.8
CVE-2025-2998 - PyTorch torch.nn.utils.rnn.pad_packed_sequence memory corruption
A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the pβ¦
5.3
CVE-2025-2997 - zhangyanbo2007 youkefu url server-side request forgery
A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown function of the file /res/url. The manipulation of the argument url leads to server-side request forgery. It is possible to launch the attack remotely. The exploit has been discloseβ¦
7.5
CVE-2023-0881 - DDoS in Ubuntu package linux-bluefield
Running DDoS on tcp port 22 will trigger a kernel crash. This issue is introduced by the backport of a commit regarding nft_lookup without the subsequent fixes that were introduced after this commit. The resolution of this CVE introduces those commits to the linux-bluefield package.
6.9
CVE-2025-2996 - Tenda FH1202 Web Management Interface SysToolDDNS access control
A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. This issue affects some unknown processing of the file /goform/SysToolDDNS of the component Web Management Interface. The manipulation leads to improper access controls. The attack may be initiated remotely. The expβ¦
6.5
CVE-2025-31629 - WordPress Infusionsoft Web Form JavaScript plugin <= 1.1.1 - Cross Site Scripting (XSS) vulnerabiliβ¦
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Jacob Allred Infusionsoft Web Form JavaScript infusionsoft-web-form-javascript allows Stored XSS.This issue affects Infusionsoft Web Form JavaScript: from n/a through <= 1.1.1.
5.9
CVE-2025-31627 - WordPress Media Library Assistant plugin <= 3.24 - Stored Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Lingren Media LIbrary Assistant media-library-assistant allows Stored XSS.This issue affects Media LIbrary Assistant: from n/a through <= 3.24.
7.1
CVE-2025-31625 - WordPress Useinfluence plugin <= 1.0.8 - Cross Site Request Forgery (CSRF) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ramanparashar Useinfluence useinfluence allows Stored XSS.This issue affects Useinfluence: from n/a through <= 1.0.8.
6.5
CVE-2025-31624 - WordPress Processing Projects plugin <= 1.0.2 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LABCAT Processing Projects processing-projects allows DOM-Based XSS.This issue affects Processing Projects: from n/a through <= 1.0.2.
7.1
CVE-2025-31623 - WordPress Rich Text Editor plugin <= 1.0.1 - CSRF to Stored XSS vulnerability
Cross-Site Request Forgery (CSRF) vulnerability in richtexteditor Rich Text Editor richtexteditor allows Stored XSS.This issue affects Rich Text Editor: from n/a through <= 1.0.1.