9740 matches found
PT-2026-22337
Name of the Vulnerable Software and Affected Versions KNOWHY Advanced Technology Trading Ltd. Co. EduAsist versions through 27022026 Description EduAsist is susceptible to a Reflected Cross-site Scripting XSS issue due to improper neutralization of input during web page generation. This allows an...
PT-2026-22388
Name of the Vulnerable Software and Affected Versions Group-Office versions prior to 26.0.8 Group-Office versions prior to 25.0.87 Group-Office versions prior to 6.8.153 Description The software has a SQL Injection issue that can be exploited through the advancedQueryData parameter, specifically...
CVE-2026-1929
The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.37. This is due to the use of calluserfuncarray with user-controlled callback and parameters in the getselectoptionvalues AJAX handler without an allowlist of permitted...
WordPress Advanced Woo Labels plugin <= 2.37 - Authenticated (Contributor+) Remote Code Execution via 'callback' Parameter vulnerability
Authenticated Contributor+ Remote Code Execution via 'callback' Parameter vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - cyberdogzmarketing.com | krei.dev | ogbuilders.io in WordPress Plugin Advanced Woo Labels versions = 2.36...
A High-Throughput AES-GCM Implementation on GPUs for Secure, Policy-Based Access to Massive Astronomical Catalogs
The era of large astronomical surveys generates massive image catalogs requiring efficient and secure access, particularly during pre-publication periods where data confidentiality and integrity are paramount. While Findable, Accessible, Interoperable, and Reusable FAIR principles guide the...
AMD Processors 安全漏洞
AMD Processors are a series of processors developed by American semiconductor company AMD. There are security vulnerabilities in AMD Processors, which stem from improper handling of direct memory writing by the input/output memory management unit. This can allow malicious client virtual machines ...
Security Bulletin: MongoDB Enterprised Advanced affected by: Use of Insufficiently Random Values vulnerability (CVE-2025-7783)
Summary There is 1 vulnerability in form-data-2.3.3.tgz used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-7783. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2025-7783 DESCRIPTION: Use of Insufficiently Random Values vulnerability in form-data allows HTTP...
Security Bulletin: Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced
Summary Security vulnerabilities may affect IBM Java shipped with IBM CICS TX Advanced. An update to IBM CICS TX Advanced has been released to address these vulnerabilities. Vulnerability Details CVEID:CVE-2026-1188 DESCRIPTION: In the Eclipse OMR port library component since release 0.2.0, an AP...
EUVD-2026-8631
The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.37. This is due to the use of calluserfuncarray with user-controlled callback and parameters in the getselectoptionvalues AJAX handler without an allowlist of permitted...
CVE-2026-1929
The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.37. This is due to the use of calluserfuncarray with user-controlled callback and parameters in the getselectoptionvalues AJAX handler without an allowlist of permitted...
WordPress Advanced Woo Labels plugin <= 2.36 - Remote Code Execution (RCE) vulnerability
Remote Code Execution RCE vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Advanced Woo Labels versions = 2.36...
CVE-2026-1929
The CVE-2026-1929 entry describes a Remote Code Execution in the WordPress plugin Advanced Woo Labels (vulnerable up to and including 2.37). The issue arises in the AJAX handler (get_select_option_values) where the code calls call_user_func_array() with a user-controlled callback and parameters, ...
CVE-2026-1929 Advanced Woo Labels <= 2.37 - Authenticated (Contributor+) Remote Code Execution via 'callback' Parameter
The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.37. This is due to the use of calluserfuncarray with user-controlled callback and parameters in the getselectoptionvalues AJAX handler without an allowlist of permitted...
CVE-2026-1929 Advanced Woo Labels <= 2.37 - Authenticated (Contributor+) Remote Code Execution via 'callback' Parameter
The Advanced Woo Labels plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.37. This is due to the use of calluserfuncarray with user-controlled callback and parameters in the getselectoptionvalues AJAX handler without an allowlist of permitted...
PT-2026-21888
Name of the Vulnerable Software and Affected Versions Advanced Woo Labels versions prior to 2.3 Description The Advanced Woo Labels plugin for WordPress is susceptible to Remote Code Execution due to the use of call user func array with user-controlled callback and parameters in the get select...
WordPress plugin Advanced Woo Labels 代码注入漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
Security Bulletin: MongoDB Enterprised Advanced affected by: Allocation of Resources Without Limits or Throttling vulnerability (CVE-2025-8885)
Summary There is a vulnerability in bc-fips-1.0.2.5.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-8885. The vulnerability has/vulnerabilities have been addressed. Vulnerability Details CVEID:CVE-2025-8885 DESCRIPTION: Allocation of Resources Without Limits or Throttling...
Security Bulletin: Improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server affecting MongoDB Enterprised Advanced (CVE-2024-10921)
Summary There is a vulnerability in MongoDB Server used in MongoDB Enterprised Advanced for IBM, involving improper neutralization of null bytes may lead to buffer over-reads in MongoDB Server. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-10921 DESCRIPTION: An...
Security Bulletin: Vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar affecting MongoDB Enterprised Advanced (CVE-2025-58056, CVE-2025-58057, CVE-2025-67735)
Summary There are vulnerabilities in netty-codec-4.1.124.Final.jar, netty-codec-http-4.1.108.Final.jar, netty-codec-http2-4.1.124.Final.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2025-58056, CVE-2025-58057, CVE-2025-67735. The vulnerabilities have been addressed. Vulnerabilit...
Security Bulletin: Vulnerabilities in COMPONENT_NAME_HERE affecting MongoDB Enterprised Advanced (CVE-2024-29371)
Summary There is a vulnerability in jose4j-0.9.4.jar used in MongoDB Enterprised Advanced for IBM, involving CVE-2024-29371. The vulnerability has been addressed. Vulnerability Details CVEID:CVE-2024-29371 DESCRIPTION: In jose4j before 0.9.6, an attacker can cause a Denial-of-Service DoS conditio...