410 matches found
CVE-2026-25439
Unauthenticated Broken Authentication in Booknetic = 4.8.5 versions...
CVE-2026-48883
Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...
ROOT-OS-UBUNTU-2204-CVE-2026-23085 CVE-2026-23085 in rootio-linux - Patched by Root
Root has patched CVE-2026-23085 in the rootio-linux package for Root:Ubuntu:22.04. Multiple fixed versions available...
PT-2026-49488
Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...
CVE-2026-20260
In Splunk SOAR Security Orchestration, Automation, and Response versions below 8.5.0, an unauthenticated attacker could inject American National Standards Institute ANSI escape codes into SOAR application log files through specially crafted HTTP request paths, which a terminal emulator might...
MINI-GW72-97XX-8PV5
Bulletin has no description...
EUVD-2026-32922
TinyMCE Cross-Site Scripting XSS vulnerability using media plugin data-mce-object injection...
CVE-2026-9170
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation...
CVE-2026-8852
IBM HTTP Server 8.5, and 9.0 is vulnerable to denial of service via the optional module modfastcgi module...
CVE-2026-34184
Hydrosystem Control System does not enforce authorization for some directories. This allows an unauthorized attacker to read all files in these directories and even execute some of them. Critically the attacker could run PHP scripts directly on the connected database.This issue was fixed in...
CVE-2026-4857
IdentityIQ 8.5, all IdentityIQ 8.5 patch levels prior to 8.5p2, IdentityIQ 8.4, and all IdentityIQ 8.4 patch levels prior to 8.4p4 allow authenticated users assigned the Debug Pages Read Only capability or any custom capability with the ViewAccessDebugPage SPRight to incorrectly create new...
CVE-2026-8633
IBM Web Server Plug-ins for WebSphere Application Server and WebSphere Liberty 8.5, 9.0 IBM WebSphere Application Server and WebSphere Application Server Liberty are vulnerable to remote code execution in the Web Server Plug-ins, through a specially crafted request...
PHP 8.5.x < 8.5.7 Multiple Vulnerabilities
The version of PHP installed on the remote host is prior to 8.5.7. It is, therefore, affected by multiple vulnerabilities as referenced in the Version 8.5.7 advisory. - In uriparser before 1.0.2, the function family EqualsUri can misclassify two unequal URIs as equal. CVE-2026-44928 - In uriparse...
CVE-2026-9319 IBM WebSphere Application Server is affected by a remote code execution vulnerability
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security...
CVE-2026-9319
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to potential remote code execution due to deserialization of untrusted data via JAX-WS endpoints with WS-Security...
CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...
CVE-2026-9311 IBM WebSphere Application Server is affected by remote code execution
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...
EUVD-2026-33735
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to remote code execution caused by the bypass of security controls...
CVE-2026-9311
IBM WebSphere Application Server 9.0 and 8.5 are affected by a remote code execution vulnerability (CVE-2026-9311) caused by bypassing security controls. The IBM bulletin assigns CVSS v3.1 base score 9.0 (CRITICAL) with network attack vector, high attack complexity, no privileges required, and re...
CVE-2026-8644 IBM WebSphere Application Server is affected by an identity spoofing vulnerability
IBM WebSphere Application Server 9.0, and 8.5 is vulnerable to identity spoofing...