72 matches found
CVE-2026-27346 WordPress B2BKing plugin < 5.2.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10...
EUVD-2026-31757
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10...
CVE-2026-27346 WordPress B2BKing plugin < 5.2.10 - Broken Access Control vulnerability
Missing Authorization vulnerability in Kings Plugins B2BKing allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects B2BKing: from n/a before 5.2.10...
WordPress B2BKing plugin < 5.2.10 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin B2BKing versions 5.2.10...
PT-2026-43139
Name of the Vulnerable Software and Affected Versions B2BKing versions prior to 5.2.10 Description A missing authorization issue allows for the exploitation of incorrectly configured access control security levels. This is a broken access control flaw where the system fails to properly verify if ...
WordPress plugin B2BKing 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
GHSA-R5J5-Q42H-FC93 Mautic is Vulnerable to SQL Injection through Contact Activity API Sorting
Summary This advisory addresses a SQL Injection vulnerability in the API endpoint used for retrieving contact activities. A vulnerability exists in the query construction for the Contact Activity timeline where the parameter responsible for determining the sort direction was not strictly validate...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004398)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004398 advisory. In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka...
Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004416)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004416 advisory. In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000467)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000467 advisory. In the Linux kernel before 5.2.10, there is a race condition bug that can be caused by a malicious USB device in the USB character device driver layer, aka...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000198)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000198 advisory. In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/hid/usbhid/hiddev.c driver, aka...
EUVD-2023-0354
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2018-2830
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and...
Linux Distros Unpatched Vulnerability : CVE-2018-2842
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and...
Linux Distros Unpatched Vulnerability : CVE-2018-2831
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and...
Linux Distros Unpatched Vulnerability : CVE-2018-2860
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and...
Linux Distros Unpatched Vulnerability : CVE-2018-2836
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are Prior to 5.1.36 and...
CVE-2014-8295
SQL injection vulnerability in joblogs.php in Bacula-Web 5.2.10 allows remote attackers to execute arbitrary SQL commands via the jobid parameter...
CVE-2024-11391
The Advanced File Manager plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation via the 'classfmaconnector.php' file in all versions up to, and including, 5.2.10. This makes it possible for authenticated attackers, with Subscriber-level access and above,...
PT-2024-16954 · WordPress · Advanced File Manager
Name of the Vulnerable Software and Affected Versions: Advanced File Manager plugin for WordPress versions up to and including 5.2.10 Description: The issue arises from missing file type validation via the 'class fma connector.php' file, allowing authenticated attackers with Subscriber-level acce...