Aggregator

Submit #510690 / VDB-299049

Исследование ведущих университетов раскрывает границы возможностей искусственного интеллекта в сложных этических вопросах.

A vulnerability was found in MariaDB Server up to 10.11.x/11.4.x and classified as problematic. Affected by this issue is the function JOIN::fix_all_splittings_in_plan. The manipulation leads to insecure automated optimizations. This vulnerability is handled as CVE-2023-52971. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Contact Us by Lord Linus Plugin up to 2.6 on WordPress and classified as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is known as CVE-2025-1382. The attack can be launched remotely. There is no exploit available.

A vulnerability, which was classified as problematic, was found in MariaDB Server up to 10.4.x/10.5.x/11.x/11.3.x. Affected is the function Item_direct_view_ref::derived_field_transformer_for_where. The manipulation leads to insecure automated optimizations. This vulnerability is traded as CVE-2023-52970. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in MariaDB Server up to 10.4.x/10.5.x/10.10.x/11.x. This issue affects the function make_aggr_tables_info/optimize_stage2. The manipulation leads to insecure automated optimizations. The identification of this vulnerability is CVE-2023-52969. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic was found in MariaDB Server up to 11.1.3. This vulnerability affects the function fix_fields_if_needed. The manipulation leads to incorrect behavior order. This vulnerability was named CVE-2023-52968. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as problematic has been found in WooCommerce URL Shortener Plugin up to 9.0.2 on WordPress. This affects an unknown part of the component Setting Handler. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2025-1363. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability was found in WooCommerce URL Shortener Plugin up to 9.0.2 on WordPress. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross-site request forgery. This vulnerability is handled as CVE-2025-1362. The attack may be launched remotely. There is no exploit available.

Currently trending CVE - Hype Score: 1

Ущерб от действий инсайдера оценивается в сотни миллионов долларов.

Модели ИИ застревают в собственных мыслях — и это дорого.

创新，才是未来。

A CVSS score 7.8 AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H severity vulnerability discovered by 'MICHAEL RANDRIANANTENAINA [https://elkamika.blogspot.com/]' was reported to the affected vendor on: 2025-03-09, 29 days ago. The vendor is given until 2025-07-07 to publish a fix or workaround. Once the vendor has created and tested a patch we will coordinate the release of a public advisory.

Инициатива «Catch and Revoke» станет ответом на волну студенческих акций против политики.

A vulnerability, which was classified as problematic, has been found in Ampache up to 6.5.x. This issue affects some unknown processing of the component Democratic Playlist Name Handler. The manipulation leads to cross site scripting. The identification of this vulnerability is CVE-2024-47184. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in openPetra 2023.02. It has been declared as problematic. This vulnerability affects unknown code of the file serverMCommon.asmx. The manipulation leads to cross site scripting. This vulnerability was named CVE-2024-40510. The attack can be initiated remotely. There is no exploit available.

A vulnerability has been found in CodeAstro Membership Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file edit-type.php. The manipulation of the argument membership_type leads to cross site scripting. This vulnerability was named CVE-2024-46470. The attack can be initiated remotely. There is no exploit available.

A vulnerability was found in Gallery 1.3.1/1.3.2/1.3.3/1.4/1.4.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument GALLERY_BASEDIR leads to file inclusion. This vulnerability is known as CVE-2004-2124. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.