CVE-2026-32291

creationtimestamp| type| source ---|---|--- 2026-03-18 17:04:14+00:00| seen| https://t.me/truesecator/8008...

CVE-2026-32291 GL-iNet Comet (GL-RM1) KVM unauthenticated root access via UART serial console

The GL-iNet Comet GL-RM1 KVM before 1.8.2 does not require authentication on the UART serial console. This attack requires physically opening the device and connecting to the UART pins...

CVE-2026-32291

The CVE-2026-32291 issue affects GL-iNet Comet KVM (GL-RM1) prior to firmware 1.8.2, where the UART serial console does not require authentication. An attacker with physical access can connect to UART pins to gain root-level access. The Red Hat and ENISA entries corroborate this UART-authenticati...

CVE-2025-32291

creationtimestamp| type| source ---|---|--- 2025-06-09 16:56:13+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/17709...

CVE-2025-32291 WordPress SUMO Affiliates Pro plugin < 11.1.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Using Malicious Files.This issue affects SUMO Affiliates Pro: from n/a through 11.1.0...

CVE-2025-32291 WordPress SUMO Affiliates Pro plugin < 11.1.0 - Arbitrary File Upload vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in FantasticPlugins SUMO Affiliates Pro affs allows Using Malicious Files.This issue affects SUMO Affiliates Pro: from n/a through 11.1.0...

WordPress SUMO Affiliates Pro plugin < 11.1.0 - Arbitrary File Upload vulnerability

Arbitrary File Upload vulnerability discovered by Anhchangmutrang in WordPress Plugin SUMO Affiliates Pro versions 11.1.0...

CVE-2022-32291

In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname for a DLL file in a RAM file...

CVE-2024-32291

CVE-2024-32291 affects Tenda W30E v1.0 firmware v1.0.1.25(633): the fromNatlimit function suffers a stack overflow triggered via the page parameter due to inadequate input length validation. This vulnerability can lead to a denial of service with high impact on availability (CVE metrics show NETW...

CVE-2023-32291

CVE-2023-32291 (MonsterInsights Pro) : A stored XSS exists in MonsterInsights Pro versions up to and including 8.14.1 due to improper input neutralization during web page generation. The issue affects the plugin when handling user-supplied data and can lead to stored script execution. The vulnera...

WordPress MonsterInsights Pro Plugin <= 8.14.1 is vulnerable to Cross Site Scripting (XSS)

Software MonsterInsights Pro Type Plugin Vulnerable versions = 8.14.1 Fixed in 8.15 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-32291 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 1c1883d581be Credits Rafie Muhammad...

CVE-2022-32291

In Real Player through 20.1.0.312, attackers can execute arbitrary code by placing a UNC share pathname for a DLL file in a RAM file...

CVE-2022-32291

CVE-2022-32291 affects RealPlayer up to version 20.1.0.312. An attacker can execute arbitrary code by placing a UNC share pathname (for a DLL file) in a RAM file, triggering code execution on affected systems. Multiple sources (NVD entry) corroborate the impact and condition. The connected docume...