3946 matches found
CVE-2026-32942
A flaw was found in PJSIP, a multimedia communication library. A remote attacker could exploit a heap use-after-free vulnerability in the Interactive Connectivity Establishment ICE session. This occurs due to race conditions between session destruction and callbacks, potentially allowing for...
CVE-2026-3550 RockPress <= 1.0.17 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via AJAX Actions
The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. This is due to missing capability checks on multiple AJAX actions rockpressimport, rockpressimportstatus, rockpresslastimport, rockpressresetimport, and rockpresscheckservices...
CVE-2026-3550
CVE-2026-3550 – RockPress (WordPress) vulnerability : RockPress
EUVD-2026-13520
PJSIP is a free and open source multimedia communication library written in C. Versions 2.16 and below contain a heap use-after-free vulnerability in the ICE session that occurs when there are race conditions between session destruction and the callbacks. This issue has been fixed in version 2.17...
CVE-2026-32939
DataEase is an open source data visualization analysis tool. Versions 2.10.19 and below have inconsistent Locale handling between the JDBC URL validation logic and the H2 JDBC engine's internal parsing. DataEase uses String.toUpperCase without specifying an explicit Locale, causing its security...
PT-2026-26591
The RockPress plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.17. This is due to missing capability checks on multiple AJAX actions rockpress import, rockpress import status, rockpress last import, rockpress reset import, and rockpress check...
CVE-2026-20074 Cisco IOS XR Software Multi-Instance Intermediate System-to-Intermediate System Denial of Service Vulnerability
A vulnerability in the Intermediate System-to-Intermediate System IS-IS multi-instance routing feature of Cisco IOS XR Software could allow an unauthenticated, adjacent attacker to cause the IS-IS process to restart unexpectedly. This vulnerability is due to insufficient input validation of ingre...
The Future of Iran’s Internet Is More Uncertain Than Ever
Iran’s internet shutdown has reduced connectivity by 99 percent, with air strikes likely causing additional outages, and few workarounds remaining...
Amazon Linux 2 : freerdp, --advisory ALAS2-2026-3166 (ALAS-2026-3166)
The version of freerdp installed on the remote host is prior to 2.11.7-1. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2026-3166 advisory. FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a...
CVE-2025-70828
An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...
CVE-2025-70828
An issue in Datart v1.0.0-rc.3 allows attackers to execute arbitrary code via the url parameter in the JDBC configuration...
CVE-2025-70829
An information exposure vulnerability in Datart v1.0.0-rc.3 allows authenticated attackers to access sensitive data via a custom H2 JDBC connection string...
datart 安全漏洞
Datart is an open-source data visualization platform developed by running-elephant. Version datart v1.0.0-rc.3 contains a security vulnerability. This vulnerability stems from the unchecked URL parameter in the JDBC configuration, which may allow attackers to execute arbitrary code...
CVE-2026-25994 PJSIP has a heap buffer overflow in ICE with long username
PJSIP is a free and open source multimedia communication library written in C. In 2.16 and earlier, a buffer overflow vulnerability exists in PJNATH ICE Session when processing credentials with excessively long usernames...
February 10, 2026—KB5077179 (OS Build 28000.1575)
February 10, 2026—KB5077179 OS Build 28000.1575 This cumulative update for Windows 11, version 26H1 KB5077179, includes the latest security fixes and improvements, along with non-security updates from last month’s optional preview release. To learn more about differences between security updates,...
Rockwell Automation ArmorStart LT Denial of Service Vulnerability (CNVD-2026-10854)
Rockwell Automation ArmorStart LT is a distributed motor controller from Rockwell Automation. A denial of service vulnerability exists in the Rockwell Automation ArmorStart LT, which originates from a device losing ICMP connectivity while performing a Burp Suite active scan, and can be exploited ...
CVE-2025-9278
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible...
CVE-2025-9278
ArmorStart® LT is affected by CVE-2025-9278, with a denial-of-service condition triggered by probes such as a Burp Suite active scan that causes the device to lose ICMP connectivity and render the web application inaccessible. The vulnerability is documented across multiple feeds (NVD, Red Hat, C...
CVE-2025-9278 ArmorStart® LT - Multiple Denial-of-Service Vulnerabilities
A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. After running a Burp Suite active scan, the device loses ICMP connectivity, causing the web application to become inaccessible...
A Survey of Security Challenges and Solutions for Advanced Air Mobility and EVTOL Aircraft
This survey reviews the existing and envisioned security vulnerabilities and defense mechanisms relevant to Advanced Air Mobility AAM systems, with a focus on electric vertical takeoff and landing eVTOL aircraft. Drawing from vulnerabilities in the avionics in commercial aviation and the automate...