324 matches found
PT-2026-53038
Name of the Vulnerable Software and Affected Versions Ivory Search – WordPress Search Plugin versions prior to 5.5.16 Description Insufficient input sanitization and output escaping allow authenticated attackers with administrator-level access and above to perform Stored Cross-Site Scripting XSS...
CVE-2026-49506
Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution...
CVE-2026-41120
CVE-2026-41120 affects Dell Wyse Management Suite prior to 5.5 HF1. The vulnerability is described as an Acceptance of Extraneous Untrusted Data With Trusted Data, enabling a low-privilege, remote attacker to potentially achieve Remote Code Execution. The connected sources indicate the fix is ava...
CVE-2026-49506
Dell Wyse Management Suite before version 5.5 HF1 is affected by CVE-2026-49506: an improper limitation of a pathname to a restricted directory (path traversal) could allow a high-privilege attacker with remote access to achieve remote code execution. Affected product: Dell Wyse Management Suite;...
CVE-2026-49506
Dell Wyse Management Suite, versions prior to WMS 5.5 HF1, contain an Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Remote Code Execution...
Astra Linux – Vulnerability in Linux
A flaw was discovered in the Linux kernel’s implementation of string matching within packets. A privileged user with root or CAPNETADMIN status can insert rules into iptables, and this action may cause the system to panic. The issue affects kernels prior to version 5.5-rc1...
EUVD-2026-37060
The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to Privilege Escalation to Administrator in versions up to, and including, 5.5.1. The plugin chains three independent flaws that together allow an authenticated Agent Agent+ to overwrite a...
CVE-2026-49083 WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability
Contributor Privilege Escalation in LatePoint = 5.5.1 versions...
CVE-2026-49083
Summary: CVE-2026-49083 affects the WordPress LatePoint plugin and is a privilege-escalation vulnerability in versions ≤ 5.5.1. What’s affected: WordPress LatePoint plugin (versions up to and including 5.5.1). Impact (as per provided metrics): CVSS 3.1 base score 7.5 (High), with network attack v...
CVE-2026-49063 WordPress Listdom plugin <= 5.5.0 - Privilege Escalation vulnerability
Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...
EUVD-2026-36871
Unauthenticated Privilege Escalation in Listdom = 5.5.0 versions...
CVE-2026-42665
Summary (CVE-2026-42665): Unauthenticated SQL Injection in the WordPress plugin “WP Data Access” (versions
CVE-2026-45328
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.5.4 and 6.0, the esptee component exposes secure-service wrappers in espsecureservices.c and espsecureservicesiram.c that bridge calls from the user application i.e. the REE to TEE-protected hardware peripherals...
WordPress LatePoint plugin <= 5.5.1 - Privilege Escalation vulnerability
Privilege Escalation vulnerability discovered by VanTastic in WordPress Plugin LatePoint versions = 5.5.1...
CVE-2021-47970 Macaron Notes 5.5 Denial of Service via Buffer Overflow
Macaron Notes 5.5 contains a denial of service vulnerability that allows attackers to crash the application by creating notes with excessively long character strings. Attackers can generate a payload containing 350000 repeated characters and paste it into a note field to trigger application crash...
PT-2026-41456
Name of the Vulnerable Software and Affected Versions Macaron Notes version 5.5 Description A denial of service issue allows attackers to crash the application by creating notes with excessively long character strings. An attacker can trigger the crash and stop functionality by pasting a payload...
Macaron Notes 安全漏洞
Macaron Notes is a note-taking application developed by Macaron Corporation that supports sticky note recording, schedule organization, and personalized theme management. Version 5.5 of Macaron Notes contains a security vulnerability. This vulnerability stems from allowing attackers to cause...
openSUSE 16 Security Update : raylib (openSUSE-SU-2026:20717-1)
"The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20717-1 advisory. Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900...
PT-2026-41126
Name of the Vulnerable Software and Affected Versions ClipBucket versions prior to 5.5.3 - 122 Description An SQL Injection SQLi issue exists in the authenticated admin endpoint "admin area/action logs.php". The endpoint processes the type parameter, which is passed to the fetch action logs...
OPENSUSE-SU-2026:20717-1 Security update for raylib
This update for raylib fixes the following issues: Changes in raylib: - security update: CVE-2025-15533: Fix heap-based buffer overflow via GenImageFontAtlas function manipulation bsc1256900 CVE-2025-15534: Fix integer overflow vulnerability in LoadFontData bsc1256901 - Update to 5.5: NEW raylib...