CVE-2026-24950 WordPress Authorsy plugin <= 1.0.6 - Insecure Direct Object References (IDOR) vulnerability

Authorization Bypass Through User-Controlled Key vulnerability in themeplugs Authorsy authorsy allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Authorsy: from n/a through = 1.0.6...

ROS-20250729-04

A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors. JDK and Oracle GraalVM Enterprise Edition virtual machines is related to access control errors...

The vulnerability of Android operating systems’ isemtelephony services allows attackers to gain unauthorized access to protected information.

The vulnerability of IsemTelephony operating systems for Android is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the LeAudioService service in Android operating systems allows a hacker to gain access to read and modify data.

The vulnerability of the LeAudioService service on Android operating systems is related to access control errors. Exploiting this vulnerability can allow an attacker to gain access to read and modify data...

The vulnerability of the user interface of Juniper Networks Junos OS allows a attacker to trigger a service failure.

The vulnerability of the user interface of Juniper Networks Junos OS is related to access control errors. Exploiting this vulnerability can allow a perpetrator to cause service interruptions...

The vulnerability of the JDBC component of the Oracle Database Server database management system allows a perpetrator to gain unauthorized access to protected information.

The vulnerability of the JDBC component of the Oracle Database Server management database system is related to access control errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors, which allow attackers to escalate their privileges.

The vulnerability of the Windows Microsoft PC Manager software for maintenance, cleaning, and security operations is related to access control errors. Exploiting this vulnerability can allow attackers to increase their privileges...

The vulnerability of the “Tekon” SCADA system, related to errors in access control, allows a intruder to gain unauthorized access to protected information.

The vulnerability of the “Tekon” SCADA system, related to access control errors. Exploiting this vulnerability could allow an intruder operating remotely to gain unauthorized access to protected information...

The vulnerability of the OpenConfig.Set command in the Arist EOS operating system allows a hacker to gain unauthorized access to protected information.

The vulnerability of the OpenConfig.Set command in the Arist EOS operating system is related to access control errors. Exploiting this vulnerability could allow a malicious actor to gain unauthorized access to protected information...

The vulnerability of the OpenConfig.Set command in the Arist EOS operating system allows a attacker to influence the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the OpenConfig.Set command in the Arist EOS operating system is related to access control errors. Exploiting this vulnerability could allow a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information...

The vulnerability of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B, related to access control errors, allows attackers to escalate their privileges.

The vulnerabilities of software platforms for developing and managing online stores like Magento Open Source, Adobe Commerce, and Adobe Commerce B2B are related to access control errors. Exploiting these vulnerabilities can allow attackers to enhance their privileges remotely...

The vulnerability of the Windows operating system’s Storage Port Driver allows attackers to disclose sensitive information that is protected by this system.

The vulnerability of the Windows operating system’s Storage Port Driver is related to access control errors. Exploiting this vulnerability can allow an attacker to disclose protected information...

ROS-20250619-15

A software vulnerability in the Grafana monitoring and surveillance platform is related to a vulnerability in the of the XY Chart plugin to DOM XSS. Exploitation of the vulnerability could allow an attacker acting remotely, execute arbitrary code Grafana monitoring and surveillance platform...

The vulnerability of embedded Qualcomm microprogramming software, related to access control errors, allows attackers to damage memory.

The vulnerability of embedded Qualcomm software programs is related to access control errors. Exploiting this vulnerability can allow attackers to damage memory...

The vulnerability of the Attachments component in the iSupplier Portal application of the Oracle E-Business Suite allows a perpetrator to disclose protected information.

The vulnerability of the Attachments component in the iSupplier Portal application of the Oracle E-Business Suite is related to access control errors. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information using the HTTP protocol...

The vulnerability of the Grafana monitoring and observation platform, related to access control errors, allows a violator to disrupt the operation of the program.

The vulnerability of the Grafana monitoring and observation platform is related to access control errors. Exploiting this vulnerability could allow a malicious actor to disrupt the program’s operation by deleting the server administrator’s account...

The vulnerability of operating systems iPadOS and iOS, related to access control errors, allows attackers to disclose confidential information.

The vulnerability of iPadOS and iOS operating systems is related to access control errors. Exploiting this vulnerability can allow a malicious actor to disclose confidential information by connecting to the device...

ROS-20250514-01

A vulnerability in the iiosimpledummytriggerh function of driver drivers/iio/dummy/iiosimpledummybuffer.c of the Linux kernel's IIO stub driver support is related to the use of an uninitialized resource. an uninitialized resource. Exploitation of the vulnerability could allow an attacker to gain...

The vulnerability of D-Link DIR-618 and DIR-605L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of D-Link DIR-618 and DIR-605L router microprogramming software is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the /goform/formTcpipSetup function in D-Link DIR-618 and DIR-605L router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the /goform/formTcpipSetup function in D-Link DIR-618 and DIR-605L router microprogramming software is related to access control errors. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...