| CVE | Vendors | Products | Updated | CVSS v3.1 |
| A handling issue in the RTSP service of the Mercury MIPC252W 1.0.5 Build 230306 Rel.79931n allows an authenticated attacker to trigger session termination by repeatedly sending SETUP requests for the same media track within a single RTSP session. This causes the server to reset the RTSP connection, leading to a denial-of-service condition. |
| MERCURY MIPC252W IP camera 1.0.5 Build 230306 Rel.79931n contains an improper authentication vulnerability in the RTSP service. After successful Digest authentication in an initial DESCRIBE request, the device does not verify the Digest response parameter in subsequent RTSP requests within the same session. As a result, RTSP methods such as SETUP, PLAY, and TEARDOWN can be processed even when the Authorization header contains an empty or invalid response value, as long as the nonce and session identifier correspond to a previously authenticated session. This allows an attacker with network access to reuse session parameters and issue unauthorized RTSP control commands without computing a valid Digest response. |
| A vulnerability was identified in SourceCodester Pharmacy Sales and Inventory System 1.0. This affects the function delete_expired of the file /ajax.php?action=delete_expired. The manipulation of the argument ID leads to SQL injection. It is possible to initiate the attack remotely. The exploit is publicly available and might be used. |
| P4 Server versions prior to 2026.1 are configured with insecure default settings that, when exposed to untrusted networks, allow unauthenticated attackers to create arbitrary user accounts, enumerate existing users, authenticate to accounts with no password set, and access depot contents via the built-in 'remote' user. These default settings, taken together, can lead to unauthorized access to source code repositories and other managed assets. The 2026.1 release, expected in May 2026, enforces secure-by-default configurations on upgrade and new installations. |
| A vulnerability in olivethemes Olive One Click Demo Import olive-one-click-demo-import. This issue affects Olive One Click Demo Import: from n/a through <= 1.1.1. |
| Missing Authorization vulnerability in Saleswonder Team: Tobias 5 Stars Rating Funnel 5-stars-rating-funnel. This issue affects 5 Stars Rating Funnel: from n/a through <= 1.2.67. |
| Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cimatti Contact Forms by Cimatti contact-forms. This issue affects Contact Forms by Cimatti: from n/a through <= 1.8.0. |
| A vulnerability in PluginOps Layer Slider slider-slideshow. This issue affects Layer Slider: from n/a through <= 1.1.9.7. |
| A vulnerability in PluginOps Social Feed | All social media in one place add-facebook. This issue affects Social Feed | All social media in one place: from n/a through <= 1.5.4.6. |
| A vulnerability in Nks Post Sliders & Post Grids post-slider-carousel. This issue affects Post Sliders & Post Grids: from n/a through <= 1.0.20. |
| A vulnerability in WP Map Plugins Basic Interactive World Map basic-interactive-world-map. This issue affects Basic Interactive World Map: from n/a through <= 2.0. |
| A vulnerability in StellarWP Kadence WooCommerce Email Designer kadence-woocommerce-email-designer. This issue affects Kadence WooCommerce Email Designer: from n/a through <= 1.5.11. |
| A vulnerability in Collins Agbonghama Admin Bar & Dashboard Access Control admin-bar-dashboard-control. This issue affects Admin Bar & Dashboard Access Control: from n/a through <= 1.2.8. |
| A vulnerability in Elementor Linker linker. This issue affects Linker: from n/a through <= 1.2.1. |
| A vulnerability in Milan Petrovic GD Security Headers gd-security-headers. This issue affects GD Security Headers: from n/a through <= 1.7. |
| A vulnerability in Roland Murg Current Menu Item for Custom Post Types current-menu-item-for-custom-post-types. This issue affects Current Menu Item for Custom Post Types: from n/a through <= 1.5. |
| A vulnerability in Alter Alter alter. This issue affects Alter: from n/a through <= 1.0. |
| A vulnerability in Jayce53 EasyRecipe easyrecipe. This issue affects EasyRecipe: from n/a through <= 3.5.3251. |
| A vulnerability in TheFreeWindows Auto Limit Posts Reloaded auto-limit-posts-reloaded. This issue affects Auto Limit Posts Reloaded: from n/a through <= 2.5. |
| A vulnerability in PluginOps Feather Login Page feather-login-page. This issue affects Feather Login Page: from n/a through <= 1.1.3. |