155 matches found

Cvelist
added 5 days ago, 23 views

CVE-2026-6211 Arbitrary File Upload in Global IT's WEOLL

Unrestricted upload of file with dangerous type vulnerability in Global IT Informatics Services Inc. WEOLL allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects WEOLL: from 2.0.9 before 3.2.45.33...

CVSS 8.7, EPSS 0.0021
Exploits 0, References 1
ATTACKERKB
added 2026/05/27 3:30 p.m., 8 views

CVE-2022-41656

Missing Authorization vulnerability in Bizswoop Account Manager for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Account Manager for WooCommerce: from n/a through 2.1.2...

CVSS 4.3, AI score 5.8, EPSS 0.00218
Exploits 0, References 2
CNNVD
added 2026/05/14 12:0 a.m., 6 views

APPYAP Yaay Social Media App security vulnerability

APPYAP Yaay Social Media App is a mobile social application developed by the Turkish company APPYAP. It supports sharing short videos and social interactions. There are security vulnerabilities in versions 3.8.0 to 24102025 of the APPYAP Yaay Social Media App. These vulnerabilities stem from...

CVSS 8.8, AI score 5.8, EPSS 0.00242
Exploits 0, References 1
CNNVD
added 2026/05/14 12:0 a.m., 7 views

Yordam Library Automation System security vulnerability

Yordam Library Automation System is an application developed by Yordam Corporation. Versions of the Yordam Library Automation System from v.19.5 to v.22.1 contained security vulnerabilities. These vulnerabilities were caused by incorrect authorization settings, which could lead to exploitation of...

CVSS 8.8, AI score 5.8, EPSS 0.00216
Exploits 0, References 1
CNNVD
added 2026/03/13 12:0 a.m., 3 views

WordPress plugin Preschool and Kindergarten security vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...

CVSS 5.3, AI score 5.8, EPSS 0.00214
Exploits 0, References 1
Positive Technologies
added 2026/01/22 12:0 a.m., 5 views

PT-2026-4216

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Curly curly allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Curly: from n/a through = 3.3...

AI score 5.4, EPSS 0.00229
Exploits 0, References 2
CNNVD
added 2026/01/22 12:0 a.m., 3 views

WordPress plugin TaxCloud for WooCommerce has security vulnerabilities

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be added to a...

CVSS 6.5, AI score 5.8, EPSS 0.00255
Exploits 0, References 1
EUVD
added 2025/12/16 9:31 a.m., 2 views

EUVD-2025-203590

Missing Authorization vulnerability in WP Compress WP Compress for MainWP wp-compress-mainwp allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Compress for MainWP: from n/a through = 6.50.07...

CVSS 5.3, AI score 6.5, EPSS 0.00269
Exploits 0, References 2
Redos
added 2025/11/24 12:0 a.m., 4 views

ROS-20251124-11

A vulnerability in the Libraries component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity...

CVSS 7.5, AI score 6.8, EPSS 0.00574
Exploits 0
Redos
added 2025/11/24 12:0 a.m., 4 views

ROS-20251124-14

A vulnerability in the Security component of Oracle GraalVM Enterprise Edition virtual machines, Oracle GraalVM for JDK and Oracle Java SE software platform is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain access to read,...

CVSS 7.5, AI score 6.7, EPSS 0.00574
Exploits 0
Redos
added 2025/08/28 12:0 a.m., 2 views

ROS-20250828-04

A vulnerability in the Moodle virtual learning environment is related to insufficient cleanup of data provided by the user in the calendar event header when the event is deleted. Exploitation of the vulnerability could allow a remote attacker to perform cross-site scripting attacks A...

CVSS 9.8, AI score 5.7, EPSS 0.00425
Exploits 0
BDU FSTEC
added 2025/08/08 12:0 a.m., 3 views

The vulnerability of PackageKit for macOS operating systems, which allows a hacker to trigger a service failure.

The vulnerability of PackageKit for macOS operating systems is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to cause service failures...

CVSS 10, AI score 5.4, EPSS 0.00694
Exploits 0, References 4, Affected Software 1
BDU FSTEC
added 2025/08/06 12:0 a.m., 4 views

The vulnerability of the Framework component in Android operating systems, which allows a hacker to increase their privileges

The vulnerability of the Framework component in Android operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to enhance their privileges...

CVSS 8.4, AI score 5.8, EPSS 0.00105
Exploits 1, References 4, Affected Software 1
BDU FSTEC
added 2025/08/04 12:0 a.m., 3 views

The vulnerability of the microprogrammed software of D-Link DIR-823-Pro wireless routers allows an intruder to gain unauthorized access to Telnet services.

The vulnerability of D-Link DIR-823-Pro wireless routers’ microprogramming software is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to gain unauthorized access to Telnet services...

CVSS 7.5, AI score 5.4, EPSS 0.00331
Exploits 1, References 2, Affected Software 1
BDU FSTEC
added 2025/07/07 12:0 a.m., 2 views

The vulnerability of the Oracle Solaris operating system’s file system allows a perpetrator to gain full control over the application.

The vulnerability of the Oracle Solaris operating system’s file system is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to gain full control over the application...

CVSS 7.2, AI score 7.2, EPSS 0.00174
Exploits 0, References 2, Affected Software 1
BDU FSTEC
added 2025/07/02 12:0 a.m., 2 views

The vulnerability of Notepad++ installer allows a hacker to elevate their privileges and write arbitrary files.

The vulnerability of the Notepad++ text editor is related to deficiencies in access control, resulting from uncontrolled access to search paths. Exploiting this vulnerability can allow attackers to enhance their privileges and write arbitrary files...

CVSS 7.3, AI score 7.6, EPSS 0.00419
Exploits 4, References 4, Affected Software 1
BDU FSTEC
added 2025/06/18 12:0 a.m., 5 views

The vulnerability of the Task Scheduler in Windows operating systems allows a malicious individual to escalate their privileges.

The vulnerability of the Task Scheduler in Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to increase their privileges...

CVSS 8.4, AI score 5.4, EPSS 0.00429
Exploits 0, References 2
BDU FSTEC
added 2025/06/17 12:0 a.m., 3 views

The vulnerability of the Local Security Authority (LSA) service on Windows operating systems allows a perpetrator to trigger a service failure.

The vulnerability of the Local Security Authority LSA service on Windows operating systems is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to cause a service failure...

CVSS 7.8, AI score 5.5, EPSS 0.01406
Exploits 0, References 2
BDU FSTEC
added 2025/06/11 12:0 a.m., 2 views

The vulnerability of the Update Handler component in Mozilla Firefox, Mozilla Firefox ESR, and the Mozilla Thunderbird email client allows a hacker to escalate their privileges.

The vulnerability of the Update Handler component in Mozilla Firefox, Mozilla Firefox ESR, and the email client Mozilla Thunderbird is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to enhance their privileges remotely...

CVSS 9, AI score 7.7, EPSS 0.00517
Exploits 0, References 15, Affected Software 5
BDU FSTEC
added 2025/05/15 12:0 a.m., 5 views

The vulnerability in the Accessibility component of operating system frameworks like iPadOS, iOS, and macOS allows attackers to disclose protected information.

The vulnerability of the Accessibility component in iPadOS, iOS, and macOS is related to deficiencies in access control. Exploiting this vulnerability can allow attackers to disclose protected information...

CVSS 5.5, AI score 5.4, EPSS 0.00237
Exploits 0, References 4, Affected Software 3