1351 matches found
CVE-2026-54262
Wagtail’s CVE-2026-54262 affects the translation feature. In versions before 7.0.8, 7.3.3, and 7.4.2, a user with the can submit translation permission could create translations for any page, including pages they lack access to. The root cause is described as a permission/authorization issue rela...
CVE-2026-13560
A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection. The attack is possible to be carri...
CVE-2026-13560
Summary : CVE-2026-13560 affects Edimax EW-7478APC (firmware 1.04). The vulnerable component is the POST Request Handler’s /goform/formAccept function, where manipulating the argument submit-url enables an OS command injection . The attack is remote and the exploit has been disclosed publicly. Th...
CVE-2026-13560 Edimax EW-7478APC POST Request formAccept os command injection
A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection. The attack is possible to be carri...
CVE-2026-52982 net: usb: rtl8150: fix use-after-free in rtl8150_start_xmit()
In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix use-after-free in rtl8150startxmit syzbot reported a KASAN slab-use-after-free read in rtl8150startxmit when accessing skb-len for tx statistics after usbsubmiturb has been called: BUG: KASAN:...
Astra Linux – Vulnerability in Linux 6.12
In the Linux kernel, the following vulnerability has been resolved: net/handshake: The function handshakereqsubmit replaces sk-skdestruct, but it never restores it when submission fails before the request is hashed. As a result, handshakeskdestruct returns early, and the original destructor never...
CVE-2026-54007
Open WebUI is a self-hosted artificial intelligence platform designed to operate entirely offline. Prior to 0.9.6, the chat message listener allows non-same-origin input:prompt and action:submit messages, so an external site can set prompt text and trigger submitPrompt in an authenticated victim...
EUVD-2019-20199
WordPress Ultimate Addons for Beaver Builder 1.2.4.1 contains an authentication bypass vulnerability that allows attackers to gain unauthorized access by exploiting the social media login form functionality. Attackers can submit a POST request to the admin-ajax.php endpoint with the...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: removing redundant scheduler job cleanup when CS aborts. When command submission fails due to an invalid userptr in amdgpucssubmit, legacy code will perform cleanup of scheduler jobs. However, this is completely...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
In the Linux kernel, the following vulnerability has been resolved: nilfs2: A potential use-after-free issue has been addressed in nilfsgccachesubmitreaddata. In nilfsgccachesubmitreaddata, the function brelsebh is called to decrement the reference count of bh when the call to nilfsdattranslate...
Astra Linux – Vulnerability in Linux 5.15
A NULL pointer dereference flaw was discovered in the Linux kernel’s drivers/gpu/drm/msm/msmgemsubmit.c code, specifically in the submitlookupcmds function. This flaw occurs because there is no check on the return value of kmalloc. This issue allows a local user to crash the system...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: erofs: Add GFPNOIO to the bio completion if necessary. The bio completion path in the process context e.g., dm-verity will directly call into decompression instead of triggering another workqueue context for minimal scheduling...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fixed the issue where the fence was put before waiting in amdgpuamdkfdsubmitib. The amdgpuamdkfdsubmitib function submits a GPU job and obtains a fence from amdgpuibschedule. This fence is used to wait for the job to...
Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: Do not clean up the repair bio if submission fails. The submission helper always runs bioendio on the bio if submission fails. Therefore, cleaning up the bio only leads to various use-after-free errors and NULL pointer...
CVE-2026-48997 e107: Command Injection via shell expansion in ImageMagick resize destination path
e107 is a content management system CMS. Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...
Open WebUI: Cross-origin postMessage confirmation bypass via action:submit
Summary The chat message listener allows non-same-origin input:prompt and action:submit messages, so an external site can set prompt text and trigger submitPrompt in an authenticated victim session. I validated this with a cross-origin attacker page that auto-posted messages and caused unauthoriz...
GHSA-GJ48-438W-JH9V Bleach clean() / Cleaner() fails to sanitize dangerous URI schemes in allowed formaction attributes
Summary Bleach clean / Cleaner fails to sanitize dangerous URI schemes in allowed formaction attributes. Bleach applies URI protocol sanitization only to attributes listed in attrvalisuri. While URI-bearing attributes such as action, href, src, and poster are included in that set, formaction is...
CVE-2026-44208
Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of validations in the "submitdiscussion" endpoint allows for unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...
CVE-2026-44208
CVE-2026-44208 affects the Frappe framework (full-stack web app). A lack of input/permission validations in the submit_discussion() endpoint allows unauthorized access to resources (IDOR) in affected builds. The issue is fixed in versions 15.107.0 and 16.17.0; prior releases were vulnerable. No e...
CVE-2026-44208 Frappe: IDOR in `submit_discussion()`
Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of validations in the "submitdiscussion" endpoint allows for unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...