CVE-2026-24357

creationtimestamp| type| source ---|---|--- 2026-01-22 17:36:10+00:00| seen| https://gist.github.com/Darkcrai86/1447eafea930c5a21ac785b3ff58503c...

EUVD-2026-3855

Authorization Bypass Through User-Controlled Key vulnerability in Elated-Themes Sweet Jane sweetjane allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Sweet Jane: from n/a through = 1.2...

EUVD-2026-3854

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Owl Carousel WP owl-carousel-wp allows Stored XSS.This issue affects Owl Carousel WP: from n/a through = 2.2.2...

EUVD-2026-3850

Authorization Bypass Through User-Controlled Key vulnerability in Mikado-Themes Cocco cocco allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cocco: from n/a through = 1.5.1...

EUVD-2026-3915

Missing Authorization vulnerability in e-plugins Lawyer Directory lawyer-directory allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Lawyer Directory: from n/a through = 1.3.4...

EUVD-2026-4033

Unrestricted Upload of File with Dangerous Type vulnerability in garidium g-FFL Checkout g-ffl-checkout allows Upload a Web Shell to a Web Server.This issue affects g-FFL Checkout: from n/a through = 2.1.0...

EUVD-2026-4104

Missing Authorization vulnerability in cozythemes HomeLancer homelancer allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects HomeLancer: from n/a through = 1.0.1...

CVE-2026-21975

The CVE-2026-21975 entry describes a vulnerability in the Java VM component of Oracle Database Server. Affected: Oracle Database Server Java VM , versions 19.3-19.29 and 21.3-21.20 . Root cause: vulnerability in the Java VM allows a high privileged attacker with Authenticated User privilege and n...

CVE-2026-21962

...

CVE-2026-21942

...

CVE-2026-21944

The CVE-2026-21944 affects Oracle Agile Product Lifecycle Management for Process (Product Quality Management component) with affected version 6.2.4. It describes a low-privilege attacker who can exploit over HTTP network access to gain unauthorized access to data. Affected status is supported by ...

EUVD-2026-3327

A flaw in Node.js TLS error handling allows remote attackers to crash or exhaust resources of a TLS server when pskCallback or ALPNCallback are in use. Synchronous exceptions thrown during these callbacks bypass standard TLS error handling paths tlsClientError and error, causing either immediate...

MINI-HQJ4-X9RM-6FJ5

Bulletin has no description...

EUVD-2026-3432

A security issue exists within ArmorStart® LT that can result in a denial-of-service condition. Fuzzing performed using Defensics causes the device to become unresponsive, requiring a reboot...

CVE-2026-1140

A vulnerability was found in UTT 进取 520W 1.7.7-180627. This issue affects the function strcpy of the file /goform/ConfigExceptAli. The manipulation results in buffer overflow. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacte...

EUVD-2026-3486

The PeachPay — Payments & Express Checkout for WooCommerce supports Stripe, PayPal, Square, Authorize.net plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the ConvesioPay webhook REST endpoint in all versions up to, and including,...

EUVD-2026-3487

A vulnerability was detected in MineAdmin 1.x/2.x. Affected by this vulnerability is an unknown functionality of the file /system/downloadById. Performing a manipulation of the argument ID results in information disclosure. The attack can be initiated remotely. The attack's complexity is rated as...

EUVD-2026-3336

A buffer over-read in the PublicKey::verify method of Binance - Trust Wallet Core before commit 5668c67 allows attackers to cause a Denial of Service DoS via a crafted input...

net: hns3: add VLAN id validation before using

...

MiracleLinux 7 : kdelibs-4.14.8-6.el7 (AXSA:2017-1655:01)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2017-1655:01 advisory. Libraries for KDE 4. Security issues fixed with this release: CVE-2017-8422 KDE kdelibs before 4.14.32 and KAuth before 5.34 allow local users to gain root...