WordPress Advanced Product Fields (Product Addons) for WooCommerce plugin <= 1.6.19 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by daroo in WordPress Plugin Advanced Product Fields Product Addons for WooCommerce versions = 1.6.19...

Quantum Computers Are Not a Threat to 128-bit Symmetric Keys

The advancing threat of cryptographically-relevant quantum computers has made it urgent to replace currently-deployed asymmetric cryptography primitives—key exchange ECDH and digital signatures RSA, ECDSA, EdDSA—which are vulnerable to Shor’s quantum algorithm. It does not, however, impact existi...

USN-8183-1 linux-gcp, linux-gcp-6.17 vulnerabilities

Josh Eads, Kristoffer Janke, Eduardo Vela Nava, Tavis Ormandy, and Matteo Rizzo discovered that some AMD Zen processors did not properly verify the signature of CPU microcode. This flaw is known as EntrySign. A privileged attacker could possibly use this issue to cause load malicious CPU microcod...

Floating Point Divider State Sampling on AMD CPUs

CVE Details Refer to Glossary for explanation of terms CVE| CVE Description| CVSS Score ---|---|--- CVE-2025-54505| A transient execution vulnerability within AMD CPUs may allow a local, user-privileged attacker to leak data via the floating-point divisor unit, potentially resulting in a loss of...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007481)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007481 advisory. In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer handles the SysEx messages...

[SECURITY] Fedora 44 Update: kf6-ktextwidgets-6.25.0-1.fc44

KDE Frameworks 6 Tier 3 addon with advanced text edting widgets...

[SECURITY] Fedora 44 Update: kf6-kservice-6.25.0-1.fc44

KDE Frameworks 6 Tier 3 solution for advanced plugin and service introspection...

[SECURITY] Fedora 44 Update: kf6-kcompletion-6.25.0-1.fc44

KCompletion provides widgets with advanced completion support as well as a lower-level completion class which can be used with your own widgets...

poc

poc Collection of my PoC's for various vulnerabilities. L...

CVE-2025-54510

A missing lock verification in AMD Secure Processor ASP firmware may permit a locally authenticated attacker with administrative privileges to alter MMIO routing on some Zen 5-based products, potentially compromising guest system integrity...

AMD EPYC Processor 安全漏洞

The AMD EPYC Processor is a series of multi-core processors developed by American semiconductor company AMD. There is a security vulnerability in the AMD EPYC Processor, which stems from improper use of the boot service. This vulnerability may lead to privilege escalation and arbitrary code...

WordPress Advanced Custom Fields (ACF®) plugin <= 6.7.0 - Unauthenticated Missing Authorization to Arbitrary Post/Page Disclosure via AJAX Field Query Parameters vulnerability

Unauthenticated Missing Authorization to Arbitrary Post/Page Disclosure via AJAX Field Query Parameters vulnerability discovered by Fernando Mecozzi in WordPress Plugin Advanced Custom Fields versions = 6.7.0...

Important: Red Hat Security Advisory: Red Hat Advanced Cluster Management for Kubernetes v2.13.6 security update

Red Hat Advanced Cluster Management for Kubernetes 2.13 General Availability release images, which add new features and enhancements, bug fixes, and updated container images. Red Hat Advanced Cluster Management for Kubernetes 2.13 images Red Hat Advanced Cluster Management for Kubernetes provides...

CVE-2026-4812 Advanced Custom Fields (ACF®) <= 6.7.0 - Unauthenticated Missing Authorization to Arbitrary Post/Page Disclosure via AJAX Field Query Parameters

The Advanced Custom Fields ACF plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Post/Page Disclosure in versions up to and including 6.7.0. This is due to AJAX field query endpoints accepting user-supplied filter parameters that override field-configured restrictions witho...

CVE-2026-4812

The Advanced Custom Fields ACF plugin for WordPress is vulnerable to Missing Authorization to Arbitrary Post/Page Disclosure in versions up to and including 6.7.0. This is due to AJAX field query endpoints accepting user-supplied filter parameters that override field-configured restrictions witho...

PT-2026-33003

Name of the Vulnerable Software and Affected Versions Advanced Custom Fields ACF plugin for WordPress versions prior to 6.7.1 Description The plugin contains a flaw where AJAX field query endpoints accept user-supplied filter parameters that override field-configured restrictions without proper...

WordPress plugin Advanced Custom Fields 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

CVE-2026-26178 Windows Advanced Rasterization Platform Elevation of Privilege Vulnerability

...

CVE-2026-26178

CVE-2026-26178 is a Windows Advanced Rasterization Platform Elevation of Privilege vulnerability with CVSS v3.1 base score 8.8 (HIGH). The issue is exploitable via NETWORK with LOW attack complexity and NONE privileges required, but it requires user interaction. Impact is rated HIGH for confident...

Important: Red Hat Security Advisory: Submariner v0.22 security fixes and container updates

Submariner v0.22 General Availability release images, which provide enhancements, security fixes, and updated container images. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...