CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 3CVE-2025-47577 – WordPress TI WooCommerce Wishlist < 2.10.0 - Arbitrary File Upload Vulnerability
https://notcve.org/view.php?id=CVE-2025-47577
16 May 2025 — Unrestricted Upload of File with Dangerous Type vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Upload a Web Shell to a Web Server.This issue affects TI WooCommerce Wishlist: from n/a through 2.9.2. Unrestricted Upload of File with Dangerous Type vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Upload a Web Shell to a Web Server.This issue affects TI WooCommerce Wishlist: from n/a before 2.10.0. The TI WooCommerce Wishlist plugin for WordPress is vulnerable to arbitrary file... • https://packetstorm.news/files/id/198927 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2025-32920 – WordPress TI WooCommerce Wishlist plugin <= 2.10.0 - Cross Site Scripting (XSS) vulnerability
https://notcve.org/view.php?id=CVE-2025-32920
15 May 2025 — Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Stored XSS.This issue affects TI WooCommerce Wishlist: from n/a through 2.9.2. Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows Stored XSS.This issue affects TI WooCommerce Wishlist: from n/a through 2.10.0. The TI WooCommerce Wishlist plugin for WordPress is v... • https://patchstack.com/database/wordpress/plugin/ti-woocommerce-wishlist/vulnerability/wordpress-ti-woocommerce-wishlist-plugin-2-9-2-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.6EPSS: 0%CPEs: 2EXPL: 1CVE-2024-41629 – Texas Instruments Fusion Digital Power Designer 7.10.1 Credential Disclosure
https://notcve.org/view.php?id=CVE-2024-41629
03 Sep 2024 — An issue in Texas Instruments Fusion Digital Power Designer v.7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials Texas Instruments Fusion Digital Power Designer version 7.10.1 allows a local attacker to obtain sensitive information via the plaintext storage of credentials. • https://packetstorm.news/files/id/181281 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 10.0EPSS: 82%CPEs: 1EXPL: 2CVE-2024-43917 – WordPress TI WooCommerce Wishlist plugin <= 2.8.2 - SQL Injection vulnerability
https://notcve.org/view.php?id=CVE-2024-43917
22 Aug 2024 — Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in TemplateInvaders TI WooCommerce Wishlist allows SQL Injection.This issue affects TI WooCommerce Wishlist: from n/a through 2.8.2. The TI WooCommerce Wishlist plugin for WordPress is vulnerable to SQL Injection in all versions up to, and including, 2.8.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthe... • https://github.com/p33d/CVE-2024-43917 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2021-27504 – Texas Instruments FREERTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27504
21 Nov 2023 — Texas Instruments devices running FREERTOS, malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'malloc' for FreeRTOS, resulting in code execution. En los dispositivos de Texas Instruments que ejecutan FREERTOS, malloc devuelve un puntero válido a un pequeño búfer en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de enteros en 'malloc' para FreeRTOS, lo que resulta en la ejecución d... • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-27502 – Texas Instruments TI-RTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27502
21 Nov 2023 — Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. Texas Instruments TI-RTOS, cuando se configura para usar el heap HeapMem (predeterminado), malloc devuelve un puntero válido a un búfer pequeño en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de entero... • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-22636 – Texas Instruments TI-RTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-22636
20 Nov 2023 — Texas Instruments TI-RTOS, when configured to use HeapMem heap(default), malloc returns a valid pointer to a small buffer on extremely large values, which can trigger an integer overflow vulnerability in 'HeapMem_allocUnprotected' and result in code execution. Texas Instruments TI-RTOS, cuando se configura para usar el heap HeapMem (predeterminado), malloc devuelve un puntero válido a un búfer pequeño en valores extremadamente grandes, lo que puede desencadenar una vulnerabilidad de desbordamiento de entero... • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.8EPSS: 0%CPEs: 14EXPL: 0CVE-2021-27429 – Texas Instruments TI-RTOS Integer Overflow or Wraparound
https://notcve.org/view.php?id=CVE-2021-27429
20 Nov 2023 — Texas Instruments TI-RTOS returns a valid pointer to a small buffer on extremely large values. This can trigger an integer overflow vulnerability in 'HeapTrack_alloc' and result in code execution. Texas Instruments TI-RTOS devuelve un puntero válido a un búfer pequeño en valores extremadamente grandes. Esto puede desencadenar una vulnerabilidad de desbordamiento de enteros en 'HeapTrack_alloc' y provocar la ejecución de código. • https://www.cisa.gov/news-events/ics-advisories/icsa-21-119-04 • CWE-190: Integer Overflow or Wraparound •
CVSS: 4.4EPSS: 0%CPEs: 2EXPL: 0CVE-2022-25332 – SK_LOAD timing side channel during AES module decryption in Texas Instruments OMAP L138
https://notcve.org/view.php?id=CVE-2022-25332
19 Oct 2023 — The AES implementation in the Texas Instruments OMAP L138 (secure variants), present in mask ROM, suffers from a timing side channel which can be exploited by an adversary with non-secure supervisor privileges by managing cache contents and collecting timing information for different ciphertext inputs. Using this side channel, the SK_LOAD secure kernel routine can be used to recover the Customer Encryption Key (CEK). La implementación de AES en Texas Instruments OMAP L138 (variantes seguras), presente en la... • https://tetraburst.com • CWE-203: Observable Discrepancy CWE-208: Observable Timing Discrepancy •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-25334 – Stack overflow on SK_LOAD signature length field in Texas Instruments OMAP L138
https://notcve.org/view.php?id=CVE-2022-25334
19 Oct 2023 — The Texas Instruments OMAP L138 (secure variants) trusted execution environment (TEE) lacks a bounds check on the signature size field in the SK_LOAD module loading routine, present in mask ROM. A module with a sufficiently large signature field causes a stack overflow, affecting secure kernel data pages. This can be leveraged to obtain arbitrary code execution in secure supervisor context by overwriting a SHA256 function pointer in the secure kernel data area when loading a forged, unsigned SK_LOAD module ... • https://tetraburst.com • CWE-121: Stack-based Buffer Overflow CWE-787: Out-of-bounds Write •