25 matches found
CVE-2026-31266
Craft CMS 5.9.5 and earlier contains a Missing Authorization vulnerability in the migrate endpoint /actions/app/migrate...
CVE-2026-30289
An arbitrary file overwrite vulnerability in Tinybeans Private Family Album App v5.9.5-prod allows attackers to overwrite critical internal files via the file import process, leading to arbitrary code execution or information exposure...
Unity Linux 20.1060a / 20.1070a Security Update: net-snmp (UTSA-2026-005913)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005913 advisory. net-snmp is an SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to a net-snmp snmptrapd daemon can cause...
TencentOS Server 4: net-snmp (TSSA-2026:0003)
The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0003 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...
ALPINE-CVE-2025-68615
net-snmp is an SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to a net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...
AZL-72901 CVE-2025-68615 affecting package net-snmp for versions less than 5.9.5.2-1
net-snmp is an SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to a net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...
CVE-2025-68615 Net-SNMP snmptrapd crash
net-snmp is an SNMP application library, tools and daemon. Prior to versions 5.9.5 and 5.10.pre2, a specially crafted packet to a net-snmp snmptrapd daemon can cause a buffer overflow and the daemon to crash. This issue has been patched in versions 5.9.5 and 5.10.pre2...
CVE-2025-49917 WordPress Icegram Express Pro plugin <= 5.9.5 - Server Side Request Forgery (SSRF) vulnerability
Server-Side Request Forgery (SSRF) vulnerability in Icegram Icegram Express Pro (email-subscribers-premium) allows Server Side Request Forgery. This issue affects Icegram Express Pro: from n/a through <= 5.9.5...
Diebold Nixdorf Vynamic View Console information disclosure vulnerability
Diebold Nixdorf Vynamic View Console is a Diebold Nixdorf system that allows remote changes to all PC-based devices via Intel Active Management Technology AMT BIOS management. An information disclosure vulnerability exists in Diebold Nixdorf Vynamic View Console versions prior to 5.9.5, which ste...
Diebold Nixdorf Vynamic View Console code issue vulnerability
Diebold Nixdorf Vynamic View Console is a Diebold Nixdorf system that allows remote changes to all PC-based devices via Intel Active Management Technology AMT BIOS management. A code issue vulnerability exists in Diebold Nixdorf Vynamic View Console versions prior to 5.9.5 that stems from an...
Important: Red Hat Security Advisory: security update Logging for Red Hat OpenShift - 5.9.6
Important: Logging for Red Hat OpenShift - 5.9.6. cluster-logging-rhel9-operator: compat-openssl11: CVE-2023-0286...
WordPress plugin Event post path traversal vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A path traversal...
WordPress Event post Plugin <= 5.9.5 is vulnerable to Local File Inclusion
Software: Event post; Type: Plugin; Vulnerable versions: <= 5.9.5; Fixed in: 5.9.6; OWASP Top 10: A3: Injection; Classification: Local File Inclusion; CVE: CVE-2024-38735; Patch priority: High; CVSS severity: High (7.5); Developer: Claim ownership; PSID: 3e99c6808576; Credits: Emili Castells; Required privilege...
PT-2024-11905 · Unknown +2 · Strongswan +2
Name of the Vulnerable Software and Affected Versions: strongSwan versions 5.9.2 through 5.9.5. Description: The issue is related to authorization bypass through improper validation of certificates with host mismatch. When certificates are used to authenticate clients in TLS-based EAP methods, the...
Fedora 35 : wordpress (2022-35ce8ecede)
The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-35ce8ecede advisory. WordPress 5.9.5 Security Release Security updates included in this release Stored XSS via wp-mail.php post by email Toshitsugu Yoneyama of Mitsui Bussan Secu...
CVE-2021-45079 affecting package strongswan for versions less than 5.9.5-1
CVE-2021-45079 affecting package strongswan for versions less than 5.9.5-1. An upgraded version of the package is available that resolves this issue...
CVE-2021-41991 affecting package strongswan for versions less than 5.9.5-1
CVE-2021-41991 affecting package strongswan for versions less than 5.9.5-1. An upgraded version of the package is available that resolves this issue...
WordPress events-manager plugin cross-site scripting vulnerability (CNVD-2020-28770)
WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. events-manager is an events management plugin used in it. A cross-site scripting vulnerability exists in WordPress events-manager...
Debian DLA-1854-1 : libonig security update
A use-after-free in onig_new_deluxe in regext.c allows attackers to potentially cause information disclosure, denial of service, or possibly code execution by providing a crafted regular expression. The attacker provides a pair of a regex pattern and a string, with a multi-byte encoding that gets...