57 matches found
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5102205)
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 KB5102205...
CVE-2026-57429
CVE-2026-57429 is associated with the WordPress plugin Slim SEO (versions ≤ 4.6.2). The vulnerability is described as Broken Access Control in the available connected documents (Patchstack listing and CVE records). Public details in the connected sources confirm the affected software/component an...
WordPress Slim SEO plugin <= 4.6.2 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abu Hurayra in WordPress Plugin Slim SEO versions = 4.6.2...
CVE-2025-32747
Dell PowerFlex Manager, versions =4.6.2, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
CVE-2025-32751
Dell PowerFlex Manager, versions =4.6.2, contains an Insecure Storage of Sensitive Information vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to sensitive information...
CVE-2025-32747
Dell PowerFlex Manager, versions =4.6.2, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...
EUVD-2026-30301
vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external...
May 12, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5088860)
None None...
CVE-2026-30828
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...
CVE-2026-30841 Wallos: Reflected XSS via unescaped token and email parameters in passwordreset.php
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, passwordreset.php outputs $GET"token" and $GET"email" directly into HTML input value attributes using and without calling htmlspecialchars. This allows reflected XSS by breaking out of the attribute...
EUVD-2026-10120
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in notification testers. This issue has been patched in version 4.6.2...
CVE-2026-30828 Wallos: SSRF via url parameter leading to File Traversal
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...
CVE-2026-30828
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...
EUVD-2026-10116
Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...
CVE-2026-0961
BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...
OPENSUSE-SU-2025:15799-1 libwireshark19-4.6.2-1.1 on GA media
These are all security issues fixed in the libwireshark19-4.6.2-1.1 package on the GA media of openSUSE Tumbleweed...
CVE-2025-54965
An XSS issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not properly sanitize the job ID parameter before using it in the job status page. An attacker who is able to social engineer a user into clicking a malicious link may be able to execute arbitrary...
October 14, 2025-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5066748)
None None...
Flask App Builder 输入验证错误漏洞
Flask App Builder is a simple and fast application development framework by Daniel Vaz Gaspar Personal Developer. An input validation error vulnerability exists in Flask App Builder versions prior to 4.6.2, which stems from an unvalidated host header and could lead to an open redirect...
PT-2025-1800 · WordPress · Wp Social Autoconnect
Name of the Vulnerable Software and Affected Versions: WP Social AutoConnect plugin for WordPress versions up to, and including, 4.6.2 Description: The issue is due to missing or incorrect nonce validation on a function, making it possible for unauthenticated attackers to inject malicious web...