CVE-2025-32747

Dell PowerFlex Manager, versions =4.6.2, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

CVE-2025-32751

Dell PowerFlex Manager, versions =4.6.2, contains an Insecure Storage of Sensitive Information vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to unauthorized access to sensitive information...

CVE-2025-32747

Dell PowerFlex Manager, versions =4.6.2, contains an Incorrect Privilege Assignment vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Elevation of privileges...

EUVD-2026-30301

vCluster Platform provides a Kubernetes platform for managing virtual clusters, multi-tenancy, and cluster sharing. Prior to 4.4.3, 4.5.5, 4.6.2, 4.7.1, and 4.8.0, there is a Stored XSS attack vulnerability via the name field of a templateRef. This can lead to the execution of arbitrary external...

May 12, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB5088860)

May 12, 2026-Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB5088860 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7.2...

CVE-2026-30828

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

CVE-2026-30841 Wallos: Reflected XSS via unescaped token and email parameters in passwordreset.php

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, passwordreset.php outputs $GET"token" and $GET"email" directly into HTML input value attributes using and without calling htmlspecialchars. This allows reflected XSS by breaking out of the attribute...

EUVD-2026-10120

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, there is a server-side request forgery vulnerability in notification testers. This issue has been patched in version 4.6.2...

CVE-2026-30828 Wallos: SSRF via url parameter leading to File Traversal

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

CVE-2026-30828

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

EUVD-2026-10116

Wallos is an open-source, self-hostable personal subscription tracker. Prior to version 4.6.2, the url parameter can be used to retrieve local system files. This issue has been patched in version 4.6.2...

CVE-2026-0961

BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

OPENSUSE-SU-2025:15799-1 libwireshark19-4.6.2-1.1 on GA media

These are all security issues fixed in the libwireshark19-4.6.2-1.1 package on the GA media of openSUSE Tumbleweed...

CVE-2025-54965

An XSS issue was discovered in BAE SOCET GXP before 4.6.0.2. The SOCET GXP Job Status Service does not properly sanitize the job ID parameter before using it in the job status page. An attacker who is able to social engineer a user into clicking a malicious link may be able to execute arbitrary...

October 14, 2025-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 (KB5066748)

October 14, 2025-Security Only Update for .NET Framework 3.5.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2008 R2 SP1 KB5066748 Applies to:Microsoft .NET Framework 3.5.1 Microsoft .NET Framework 4.6.2 Microsoft .NET Framework 4.7 Microsoft .NET Framework 4.7.1 Microsoft .NET Framework 4.7....

Flask App Builder 输入验证错误漏洞

Flask App Builder is a simple and fast application development framework by Daniel Vaz Gaspar Personal Developer. An input validation error vulnerability exists in Flask App Builder versions prior to 4.6.2, which stems from an unvalidated host header and could lead to an open redirect...

PT-2025-1800 · WordPress · Wp Social Autoconnect

Name of the Vulnerable Software and Affected Versions: WP Social AutoConnect plugin for WordPress versions up to, and including, 4.6.2 Description: The issue is due to missing or incorrect nonce validation on a function, making it possible for unauthenticated attackers to inject malicious web...

Ubiquiti Networks UniFi Network Application 安全漏洞

Ubiquiti Networks UniFi Network Application is a network management software from Ubiquiti, Inc. that allows users to manage a variety of devices in a network including, but not limited to, wireless access points APs, switches, routers, etc. through a centralized interface. A security vulnerabili...

GL.iNet多款产品 安全漏洞

GL.iNet MT3000 and others are products of China's GL.iNet GL.iNet.GL.iNet MT3000 is an AX3000 portable router that uses the Wi-Fi 6 protocol.GL.iNet AX1800 is a wireless router.GL.iNet AXT1800 is a router. A security vulnerability exists in several GL.iNet products. An attacker exploiting this...

GL.iNet多款产品 安全漏洞

GL.iNet MT3000 and others are products of China's GL.iNet GL.iNet.GL.iNet MT3000 is an AX3000 portable router that uses the Wi-Fi 6 protocol.GL.iNet AXT1800 is a router.GL.iNet MT2500 is a router.GL.iNet AXT1800 is a router.GL.iNet AXT1800 is a router.GL.iNet MT2500 is a router.GL.iNet MT2500 is ...