5 matches found
EUVD-2026-11742
wpDiscuz before 7.6.47 contains a shortcode injection vulnerability that allows attackers to execute arbitrary shortcodes by including them in comment content sent via email notifications. Attackers can inject shortcodes like contact-form-7 or usermeta in comments, which are executed server-side...
SUSE-SU-2026:0438-1 Security update for ImageMagick
This update for ImageMagick fixes the following issues: - CVE-2026-22770: improper pointer initialization can cause denial of service (bsc#1256969). - CVE-2026-23874: manipulation of digital images can lead to stack overflow (bsc#1256976). - CVE-2026-23876: maliciously crafted image can lead to heap...
CVE-2021-33641
When processing files, malloc stores the data of the current line. When processing comments, malloc incorrectly accesses the released memory (use after free)...
A vulnerability in the CKEditor WYSIWYG editor, related to a lack of measures to protect the structure of web pages, allows attackers to compromise data integrity.
The vulnerability in the CKEditor WYSIWYG editor is related to incorrect processing of the “--!” comment. Exploiting this vulnerability may allow an attacker to compromise the integrity of the data...
A vulnerability in the 1C:Enterprise enterprise automation system allows an attacker to trigger service failures or execute arbitrary code.
The 1C:Enterprise enterprise automation system contains a vulnerability in the Fast Infoset decoder of the XML document handling library xml2.dll. By manipulating input data, an attacker can put the Fast Infoset decoder into the CIIUTF8LARGELENGTH state for processing a single...