GHSA-95FX-JJR5-F39C jsPDF Vulnerable to Denial of Service (DoS) via Unvalidated BMP Dimensions in BMPDecoder

Impact User control of the first argument of the addImage method results in Denial of Service. If given the possibility to pass unsanitized image data or URLs to the addImage method, a user can provide a harmful BMP file that results in out of memory errors and denial of service. Harmful BMP file...

Race Condition

Overview jspdf is a PDF Document creation from JavaScript Affected versions of this package are vulnerable to Race Condition in the addJS function due to the use of a shared module-scoped variable for storing JavaScript content. An attacker can cause sensitive data intended for one user to be...

WordPress Slider Revolution plugin <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes vulnerability

Authenticated Author+ Stored Cross-Site Scripting via Add Layer class, id, and title Attributes vulnerability discovered by wesley wcraft in WordPress Plugin Slider Revolution versions = 6.7.10...

kernel: net: atlantic: fix fragment overflow handling in RX path

An out-of-bounds write vulnerability was found in the Aquantia Atlantic network driver in the Linux kernel. When receiving packets that span more than MAXSKBFRAGS 17 fragments, the driver writes beyond the skb fragment array bounds in skbaddrxfrag, causing kernel memory corruption and panic...

OPENSUSE-SU-2026:20148-1 Security update for dpdk

This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other issues fixed...

CVE-2026-1117 Improper Access Control in parisneo/lollms

A vulnerability in the lollmsgenerationevents.py component of parisneo/lollms version 5.9.0 allows unauthenticated access to sensitive Socket.IO events. The addevents function registers event handlers such as generatetext, cancelgeneration, generatemsg, and generatemsgfrom without implementing...

CVE-2026-1738

A flaw has been found in Open5GS up to 2.7.6. The impacted element is the function sgwctunneladd of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to reachable assertion. The attack can be executed remotely. The exploit has been published...

PT-2026-5597

A flaw has been found in Open5GS up to 2.7.6. The impacted element is the function sgwc tunnel add of the file /src/sgwc/context.c of the component SGWC. Executing a manipulation of the argument pdr can lead to reachable assertion. The attack can be executed remotely. The exploit has been publish...

jsPDF 安全漏洞

jsPDF is a JavaScript-based PDF document generation library developed by Parallax. Versions of jsPDF prior to 4.1.0 contained a security vulnerability. This vulnerability stemmed from the first parameter of the addImage method, which allowed users to provide harmful BMP files, potentially leading...

Open5GS 安全漏洞

Open5GS is an open-source implementation of 5G Core and EPC in C language, which serves as the core network for LTE/NR networks. Versions of Open5GS 2.7.6 and earlier contain security vulnerabilities. These vulnerabilities stem from incorrect handling of the parameter pdr in the function...

EUVD-2021-34762

Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name parameter that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability through product add or edit functions to execute arbitrary JavaScript and potentially hijack us...

CVE-2021-47908

Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name parameter that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability through product add or edit functions to execute arbitrary JavaScript and potentially hijack us...

CVE-2021-47908 Ultimate POS 4.4 Persistent Cross-Site Scripting via Product Name

Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name parameter that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability through product add or edit functions to execute arbitrary JavaScript and potentially hijack us...

CVE-2026-1251

The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.4 via the 'addreply' function due to missing validation on a user controlled key. This makes it possible for authenticated...

PT-2026-5554

Ultimate POS 4.4 contains a persistent cross-site scripting vulnerability in the product name parameter that allows remote attackers to inject malicious scripts. Attackers can exploit the vulnerability through product add or edit functions to execute arbitrary JavaScript and potentially hijack us...

CVE-2026-1251 SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) Insecure Direct Object Reference

The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.4 via the 'addreply' function due to missing validation on a user controlled key. This makes it possible for authenticated...

CVE-2026-1251 SupportCandy – Helpdesk & Customer Support Ticket System <= 3.4.4 - Authenticated (Subscriber+) Insecure Direct Object Reference

The SupportCandy – Helpdesk & Customer Support Ticket System plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 3.4.4 via the 'addreply' function due to missing validation on a user controlled key. This makes it possible for authenticated...

EUVD-2019-19378

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

CVE-2020-37046

Sistem Informasi Pengumuman Kelulusan Online 1.0 contains a cross-site request forgery vulnerability that allows attackers to add unauthorized admin users through the tambahuser.php endpoint. Attackers can craft a malicious HTML form to submit admin credentials and create new administrative...

ShellExploit

This project is no longer supported PowerSploit is a col...