2840512 matches found
IServ Schoolserver User Enumeration
IServ Schoolserver suffers from a user enumeration vulnerability. The vendor does not feel this is an issue...
EUVD-2026-39959
The Gutenverse – WordPress Blocks, Page Builder & Site Editor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 3.8.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
EUVD-2026-39950
The Dokan: AI Powered WooCommerce Multivendor Marketplace Solution – Build Your Own Amazon, eBay, Etsy plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Product SKU in all versions up to, and including, 5.0.4 due to insufficient input sanitization and output escaping. This mak...
CVE-2026-49416
The CVE-2026-49416 issue affects FreeBSD vt(4) CONS_HISTORY ioctl. The bug occurs when a large history size is requested, causing an integer overflow in the buffer size calculation and resulting in a heap allocation smaller than needed; subsequent initialization writes beyond the allocation, enab...
CVE-2026-45258
CVE-2026-45258 arises from an overflow in dsp_mmap_single() when validating an mmap() request in the FreeBSD sound(4) mmap path. The sum of user-supplied offset and length could overflow, letting a large mapping pass the check, and the offset could be narrowed from 64 to 32 bits when converted to...
CVE-2026-13295
The CVE-2026-13295 entry concerns the Page Builder by SiteOrigin WordPress plugin. A stored XSS vulnerability affects all versions up to 2.34.3, caused by insufficient input sanitization and output escaping of the panels_data parameter. Authenticated users with Contributor-level access and above ...
CVE-2026-12471
The CVE concerns the Spexo WordPress theme. A missing capability check in the activate_plugin function affects all versions up to and including 2.0.11, allowing authenticated attackers with Subscriber-level access and above to activate a limited set of plugins. The information from connected docu...
CVE-2026-11783
The CVE concerns the Dokan: AI Powered WooCommerce Multivendor Marketplace Solution for WordPress. A Stored XSS flaw exists in all versions up to 5.0.4 due to insufficient input sanitization and output escaping of the Product SKU, enabling an authenticated attacker with custom-level access or hig...
EUVD-2026-39946
The Paid Membership Plugin, Ecommerce, User Registration Form, Login Form, User Profile & Restrict Content WordPress plugin before 4.16.17 does not verify that the user performing a subscription action owns the targeted subscription, allowing any authenticated user Subscriber+ to cancel other...
EUVD-2026-39945
The NEX-Forms – Ultimate Forms Plugin for WordPress plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 9.2.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated...
CVE-2026-12415
The CVE concerns the WordPress plugin Invoice Generator. Vulnerable in versions up to 1.0.0 due to a missing capability check on the pravel_invoice_edit_account() AJAX action. The handler is exposed via wp_ajax_nopriv_pravel_invoice_edit_account and accepts attacker-controlled user_id and user_em...
ROOT-OS-DEBIAN-13-CVE-2026-31634 CVE-2026-31634 in rootio-linux - Patched by Root
Root has patched CVE-2026-31634 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23452 CVE-2026-23452 in rootio-linux - Patched by Root
Root has patched CVE-2026-23452 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23303 CVE-2026-23303 in rootio-linux - Patched by Root
Root has patched CVE-2026-23303 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2026-23367 CVE-2026-23367 in rootio-linux - Patched by Root
Root has patched CVE-2026-23367 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-71202 CVE-2025-71202 in rootio-linux - Patched by Root
Root has patched CVE-2025-71202 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-40121 CVE-2025-40121 in rootio-linux - Patched by Root
Root has patched CVE-2025-40121 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2024-58095 CVE-2024-58095 in rootio-linux - Patched by Root
Root has patched CVE-2024-58095 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-23130 CVE-2025-23130 in rootio-linux - Patched by Root
Root has patched CVE-2025-23130 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-38678 CVE-2025-38678 in rootio-linux - Patched by Root
Root has patched CVE-2025-38678 in the rootio-linux package for Root:Debian:13. Multiple fixed versions available...