17 matches found
CVE-2026-22343 WordPress WordPress Dating Theme theme <= 11.2.0 - Broken Access Control vulnerability
Unauthenticated Broken Access Control in WordPress Dating Theme <= 11.2.0 versions...
Security update for glusterfs (important)
openSUSE Security Update: Security update for glusterfs; Announcement ID: openSUSE-SU-2026:0104-1; Rating: important; References: 1208517, 1208519, 1210894, 1212476; Cross-References: CVE-2022-48340, CVE-2023-26253; CVSS scores: CVE-2022-48340 (SUSE): 7.5 CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H...
CVE-2026-21365
Substance3D - Painter versions 11.1.2 and earlier are affected by an out-of-bounds read vulnerability that could lead to memory exposure. An attacker could leverage this vulnerability to access sensitive information stored in memory. Exploitation of this issue requires user interaction in that a...
CVE-2026-21364 Substance3D - Painter | NULL Pointer Dereference (CWE-476)
Substance3D - Painter versions 11.1.2 and earlier are affected by a NULL Pointer Dereference vulnerability that could lead to application denial-of-service. An attacker could exploit this vulnerability to crash the application, causing disruption to services. Exploitation of this issue requires...
DoS (Denial of Service) ansi-regex Dependency in Jira Software Data Center and Server
This High severity DoS (Denial of Service) vulnerability was introduced in versions 9.15.2, 9.16.0, 9.17.0, 10.1.1, 10.3.13, 11.2.0 of Jira Software Data Center and Server. This DoS (Denial of Service) vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of code:java...
WordPress PixelYourSite plugin < 11.1.2 - Admin+ LFI vulnerability
Admin+ LFI vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin PixelYourSite – Your smart PIXEL TAG Manager versions 11.1.2...
CVE-2025-54187
Substance3D - Painter versions 11.0.2 and earlier are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...
CVE-2019-17561
The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability...
CVE-2025-24353 Directus privilege escalation vulnerability using Share feature
Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 11.2.0, when sharing an item, a typical user can specify an arbitrary role. It allows the user to use a higher-privileged role to see fields that otherwise the user should not be able to see. Instanc...
PT-2025-11545
Name of the Vulnerable Software and Affected Versions: visionOS versions prior to 2.2; watchOS versions prior to 11.2; tvOS versions prior to 18.2; macOS Sequoia versions prior to 15.2; iOS versions prior to 18.2; iPadOS versions prior to 18.2. Description: A logic issue was addressed with improved fil...
Secomea GateManager Security Vulnerability
Secomea GateManager is a remote access server product from Secomea, Denmark. A security vulnerability exists in Secomea GateManager versions prior to 11.2.624071020, which stems from a security flaw in the pseudo-random number generator (PRNG)...
PT-2024-22876 · Projeqtor · Projeqtor
Name of the Vulnerable Software and Affected Versions: projeqtor versions up to 11.2.0. Description: The issue is related to a remote code execution (RCE) vulnerability via the component /view/print.php. This allows for potential exploitation, but specific details about the number of affected device...
CVE-2023-49034
Cross Site Scripting (XSS) vulnerability in ProjeQtOr 11.0.2 allows a remote attacker to execute arbitrary code via a crafted script to the checkvalidHtmlText function in the ack.php and security.php files...
IBM Cognos Analytics Code Injection Vulnerability
A remote code execution vulnerability exists in IBM Cognos Analytics versions 11.1.7 and 11.2.0, a suite of business intelligence software from IBM Corporation that provides valuable information, secure data governance, and reporting. The vulnerability stems from incorrect neutralization of...
CVE-2021-20427
IBM Security Guardium 11.2 uses an inadequate account lockout setting that could allow a remote attacker to brute force account credentials. IBM X-Force ID: 196314...
IBM Security Guardium Security Vulnerability
IBM Security Guardium is a suite of platforms from IBM in the United States that provide data protection capabilities. The platform includes features such as custom UI, report management and streamlined audit process building. An elevation of privilege vulnerability exists in IBM Security Guardiu...
Oracle Sun Systems Products Suite Solaris Component Arbitrary Code Execution Vulnerability
Oracle Sun Solaris is a set of Unix-like operating systems from Oracle. A security vulnerability exists in the rmformat Utility subcomponent of the Solaris component of Oracle Sun Systems Products Suite version 10 and version 11.2. A local attacker could exploit this vulnerability to compromise t...