-
Scribus 1.6.3 Released! 3 New Script Functions & Various Fixes
Scribus, the popular free open-source desktop publishing software, announced new 1.6.3 version on Wednesday! This is a maintenance release that contains primarily bug-fixes, though there are also a few new features included in the release. For scripting, Scribus 1.6.3 added three Python script functions for working with points and the document unit. They include: pointsToDocUnit…
-
CVE-2025-22535 – WPListCal SQL Injection Vulnerability
CVE ID : CVE-2025-22535 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Jonathan Kern WPListCal allows SQL Injection.This issue affects WPListCal: from n/a through 1.3.5. Severity: 8.5 | HIGH Visit the link for more details, such…
-
CVE-2025-22508 – Roninwp FAT Event Lite PHP Local File Include Vulnerability
CVE ID : CVE-2025-22508 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Control of Filename for Include/Require Statement in PHP Program (‘PHP Remote File Inclusion’) vulnerability in Roninwp FAT Event Lite allows PHP Local File Inclusion.This issue affects FAT Event Lite: from n/a through 1.1. Severity: 8.1 | HIGH…
-
RetroArch 1.20.0 Released with PipeWire Audio Driver, Qt6 Support
RetroArch, the popular free open-source front-end for emulators and game engines, released version 1.20.0 a few days ago. The new release added illuminance sensor support for Linux users. Meaning you can play Boktai with real light, just as intended. While, it’s also working on sunlight and camera support. Also for Linux, the release added audio…
-
CVE-2025-22505 – NC Wishlist for Woocommerce SQL Injection Vulnerability
CVE ID : CVE-2025-22505 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability in Nabaraj Chapagain NC Wishlist for Woocommerce allows SQL Injection.This issue affects NC Wishlist for Woocommerce: from n/a through 1.0.1. Severity: 8.5 | HIGH Visit…
-
CVE-2025-22504 – Jumpdemand 4ECPS Web Forms Unrestricted File Upload RCE
CVE ID : CVE-2025-22504 Published : Jan. 9, 2025, 4:16 p.m. | 21 hours, 36 minutes ago Description : Unrestricted Upload of File with Dangerous Type vulnerability in jumpdemand 4ECPS Web Forms allows Upload a Web Shell to a Web Server.This issue affects 4ECPS Web Forms: from n/a through 0.2.18. Severity: 10.0 | CRITICAL Visit the link…
-
CVE-2023-24012 – “ThreatX DDS PKCS7 Signature Bypass”
CVE ID : CVE-2023-24012 Published : Jan. 9, 2025, 3:15 p.m. | 22 hours, 37 minutes ago Description : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s…
-
Search Which Files include Given Text/String in Linux (Examples)
This tutorial shows how to search and print which files contain your specified text or string in Ubuntu and other Linux in command line, with examples. Search file or file content is an important skill for Linux administrator. I’ve shown how to use locate command to search files through the keyword in its file-name, path,…
-
CVE-2023-24011 – Siemens Industrial Automation ROS 2 DDS PKCS7 Certificate Validation_chain Execution Bypass
CVE ID : CVE-2023-24011 Published : Jan. 9, 2025, 3:15 p.m. | 22 hours, 37 minutes ago Description : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s…
-
CVE-2023-24010 – BDEX DDS Certificate Signature Verification Vulnerability
CVE ID : CVE-2023-24010 Published : Jan. 9, 2025, 3:15 p.m. | 22 hours, 37 minutes ago Description : An attacker can arbitrarily craft malicious DDS Participants (or ROS 2 Nodes) with valid certificates to compromise and get full control of the attacked secure DDS databus system by exploiting vulnerable attributes in the configuration of PKCS#7 certificate’s…