23700 matches found
CVE-2026-23434
In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: serialize lock/unlock against other NAND operations nandlock and nandunlock call into chip-ops.lockarea/unlockarea without holding the NAND device lock. On controllers that implement SETFEATURES via multiple low-lev...
CVE-2026-4346
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...
EUVD-2026-16452
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...
CVE-2026-4346
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...
CVE-2026-4346
The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...
CVE-2024-32537
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
PT-2026-28644
Name of the Vulnerable Software and Affected Versions TL-WR850N version 3 Description The issue allows for the storage of administrative and Wi-Fi credentials in cleartext within a region of the device’s flash memory. The serial interface remains enabled and is protected by weak authentication. A...
TP-Link TL-WR850N 安全漏洞
The TP-Link TL-WR850N is a WiFi router produced by the TP-Link company. The TP-Link TL-WR850N v3 has a security vulnerability. This vulnerability arises from the fact that, when the serial interface is enabled and under weak authentication protection, management credentials and Wi-Fi credentials...
EUVD-2024-30339
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
CVE-2024-32537
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
CVE-2024-32537 WordPress Flash Video Player plugin <= 5.0.4 - CSRF to XSS vulnerability
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
CVE-2024-32537
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
CVE-2024-32537 WordPress Flash Video Player plugin <= 5.0.4 - CSRF to XSS vulnerability
Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a through 5.0.4...
PT-2026-26595
CVE-2024-32537 Cross-Site request forgery CSRF vulnerability in joshuae1974 Flash Video Player allows Cross Site Request Forgery.This issue affects Flash Video Player: from n/a th… https://t.co/Iem5zgox96...
WordPress plugin Flash Video Player 跨站请求伪造漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
Improper Authentication and Origin Validation Error in pyload-ng
Summary A Host Header Spoofing vulnerability in the @localcheck decorator allows unauthenticated external attackers to bypass local-only restrictions. This grants access to the Click'N'Load API endpoints, enabling attackers to remotely queue arbitrary downloads, leading to Server-Side Request...
CVE-2026-23267
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix ISCHECKPOINTED flag inconsistency issue caused by concurrent atomic commit and checkpoint writes During SPO tests, when mounting F2FS, an -EINVAL error was returned from f2fsrecoverinodepage. The issue occurred under th...
CVE-2026-23265
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...
UBUNTU-CVE-2026-23265
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on node footer in read,writeendio ----------- cut here ------------ kernel BUG at fs/f2fs/data.c:358! Call Trace: blkupdaterequest+0x5eb/0xe70 block/blk-mq.c:987 blkmqendrequest+0x3e/0x70...
CVE-2026-23267
The CVE-2026-23267 issue is a Linux kernel f2fs race where an IS_CHECKPOINTED flag inconsistency during atomic commits could cause an -EINVAL in f2fs_recover_inode_page. The root cause is a race between f2fs_ioc_commit_atomic_write and f2fs_write_checkpoint, with the last_folio’s nat_entry flag n...