The usc-e-shop (aka Collne Welcart e-Commerce) plugin before 1.9.36 for WordPress allows Object Injection because of usces_unserialize. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.
WordPress
Deserialization
Welcart E Commerce
NVD
CVSS 3.1
8.8
EPSS
1.9%
PackageKit's apt backend mistakenly treated all local debs as trusted. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.
Privilege Escalation
Packagekit
Ubuntu Linux
NVD
CVSS 3.1
7.8
EPSS
0.3%