CVE
Vendors
Products
Updated
CVSS v2
CVSS v3
Business Logic Errors in Packagist dolibarr/dolibarr prior to 16.0.
Use After Free in GitHub repository vim/vim prior to 8.2.
The TI WooCommerce Wishlist WordPress plugin before 1.40.1, TI WooCommerce Wishlist Pro WordPress plugin before 1.40.1 do not sanitise and escape the item_id parameter before using it in a SQL statement via the wishlist/remove_product REST endpoint, allowing unauthenticated attackers to perform SQL injection attacks
The Asgaros Forum WordPress plugin before 2.0.0 does not sanitise and escape the post_id parameter before using it in a SQL statement via a REST route of the plugin (accessible to any authenticated user), leading to a SQL injection
The WP Visitor Statistics (Real Time Traffic) WordPress plugin before 5.6 does not sanitise and escape the id parameter before using it in a SQL statement via the refUrlDetails AJAX action, available to any authenticated user, leading to a SQL injection
Unrestricted Upload of File with Dangerous Type in Packagist showdoc/showdoc prior to 2.10.2.
Stack-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Improper Authorization in GitHub repository janeczku/calibre-web prior to 0.6.16.
Improper Access Control in GitHub repository janeczku/calibre-web prior to 0.6.16.