EUVD-2026-32276

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

CVE-2026-35087

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

CVE-2026-35089

In Slican telephone exchanges secure key is generated in a predictable manner using properties of the telephone exchange which can be obtained without authentication. An unauthenticated attacker can deduce the secure key and obtain admin credentials. This issue was fixed in versions below: - IPx...

CVE-2026-35089

Slican telephone exchanges expose admin credentials because the secure key is generated predictably from exchange properties without authentication. CVE-2026-35089 (and CVE-2026-35087) describe an unauthenticated path to deduce the secure key and gain admin access. Remediations (per affected entr...

PT-2026-43699

Slican telephone exchanges allow administrative protocol authentication bypass. An attacker can bypass the need to enter login credentials by executing the appropriate command. This issue was fixed in versions below: - NCP: version 1.24.0250 - IPx series: version 6.61.0040 - CCT-1668: version...

SUSE SLES12 : Recommended update for initial livepatch (SUSE-SU-2026:1668-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1668-1 advisory. The SUSE Linux Enterprise 12 SP5 kernel was updated to fix various security issues The following security issues were fixed: - CVE-2024-26584:...

CVE-2026-1668

creationtimestamp| type| source ---|---|--- 2026-04-06 15:00:07+00:00| published-proof-of-concept| Telegram/ZajfVU0NVHMB2Muj4M-mvXlhnMSYm4sTiRiw7Ql6Q5T1ODA 2026-04-07 06:08:44+00:00| seen| https://bsky.app/profile/news.karthihegde.dev/post/3miv4isvlxc26 2026-04-07 06:20:04+00:00| seen|...

openSUSE Security Advisory (SUSE-SU-2026:0290-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : openvswitch3 (SUSE-SU-2026:0290-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0290-1 advisory. Update to v3.1.7: - CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload...

SUSE: Security Advisory (SUSE-SU-2026:0280-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE Security Advisory (SUSE-SU-2026:0280-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2025-1668 School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User Deletion

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to arbitrary user deletion due to a missing capability check on the wpspDeleteUser function in all versions up to, and including, 2.2.16. This makes it possible for authenticated attackers, with teacher-level access a...

CVE-2025-1668 School Management System – WPSchoolPress <= 2.2.16 - Missing Authorization to Arbitrary User Deletion

The School Management System – WPSchoolPress plugin for WordPress is vulnerable to arbitrary user deletion due to a missing capability check on the wpspDeleteUser function in all versions up to, and including, 2.2.16. This makes it possible for authenticated attackers, with teacher-level access a...

CVE-2025-1668

CVE-2025-1668 concerns the WordPress plugin WPSchoolPress (School Management System) for versions

CVE-2024-1668

creationtimestamp| type| source ---|---|--- 2025-02-01 17:28:09+00:00| seen| Telegram/AoTLTjc-pDwXCW9fe6xRnloJelyxieDvjyZ1p0e5l0oAqYl...

Photon OS 4.0: Openvswitch PHSA-2023-4.0-0391

An update of the openvswitch package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0391. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CBL Mariner 2.0 Security Update: openvswitch (CVE-2023-1668)

The version of openvswitch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2023-1668 advisory. - A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the...

RHEL 7 : openvswitch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openvswitch: limitation in the OVS packet parsing in userspace leads to DoS CVE-2020-35498 - openvswitch:...

CVE-2023-1668 affecting package openvswitch for versions less than 2.17.5-3

CVE-2023-1668 affecting package openvswitch for versions less than 2.17.5-3. A patched version of the package is available...

CVE-2024-1668

The Avada | Website Builder For WordPress & WooCommerce theme for WordPress is vulnerable to Sensitive Information Exposure in versions up to and including 7.11.5 via the form entries page. This makes it possible for authenticated attackers, with contributor access and above, to view the contents...