| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Unauthenticated SQL Injection in Library Management System <= 3.5.7 versions. |
| Subscriber Cross Site Scripting (XSS) in ListingPro <= 2.9.11 versions. |
| Unauthenticated Insecure Direct Object References (IDOR) in Payment Gateway Based Fees and Discounts for WooCommerce <= 3.0.0 versions. |
| Subscriber PHP Object Injection in Uncanny Automator Pro <= 7.3.0.6 versions. |
| Unauthenticated SQL Injection in JetSmartFilters <= 3.8.3 versions. |
| Unauthenticated SQL Injection in JetEngine <= 3.8.10.2 versions. |
| Contributor Remote Code Execution (RCE) in Blocksy Companion Pro <= 2.1.45 versions. |
| Author Cross Site Scripting (XSS) in Featured Image <= 2.1 versions. |
| Administrator SQL Injection in WP All Import <= 4.0.1 versions. |
| Unauthenticated Insecure Direct Object References (IDOR) in Blocksy Companion Pro <= 2.1.46 versions. |
| Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend <= 1.19.0 versions. |
| Subscriber Broken Access Control in MasterStudy LMS <= 3.7.30 versions. |
| Unauthenticated Cross Site Request Forgery (CSRF) in Real Estate 7 <= 3.5.9 versions. |
| newsletters_subscribers Broken Access Control in Newsletters <= 4.13 versions. |
| Subscriber Broken Access Control in Shoppable Images Lite <= 1.3 versions. |
| Unauthenticated Broken Access Control in Booking and Rental Manager <= 2.7.1 versions. |
| Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes <= 8.2.7 versions. |
| A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device.
An edge case using a very small value in GPU shader code can cause a segmentation fault in the GPU shader compiler due to am out-of-bounds write. |
| Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence. |
| Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel.
Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses than are permitted by the system. |
