1885 matches found
rust-libp2p 安全漏洞
rust-libp2p is a Rust implementation of the libp2p open-source network stack. Versions of rust-libp2p prior to 0.49.4 contained a security vulnerability. This vulnerability stemmed from the lack of checks for arithmetic operations involving Instant and Duration when processing specially crafted...
CVE-2026-24969
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in designingmedia Instant VA instantva allows Path Traversal.This issue affects Instant VA: from n/a through = 1.0.1...
CVE-2026-24969
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in designingmedia Instant VA instantva allows Path Traversal.This issue affects Instant VA: from n/a through = 1.0.1...
CVE-2026-24969 WordPress Instant VA theme <= 1.0.1 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in designingmedia Instant VA instantva allows Path Traversal.This issue affects Instant VA: from n/a through = 1.0.1...
CVE-2026-24969
CVE-2026-24969 affects the WordPress Instant VA theme (designingmedia Instant VA) up to version 1.0.1 and is caused by improper limitation of a pathname to a restricted directory (Path Traversal). This can lead to arbitrary file deletion as described in multiple sources. The Red Hat/NVD entries c...
CVE-2026-24969 WordPress Instant VA theme <= 1.0.1 - Arbitrary File Deletion vulnerability
Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in designingmedia Instant VA instantva allows Path Traversal.This issue affects Instant VA: from n/a through = 1.0.1...
WordPress plugin Instant VA 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Instant Popup Builder plugin <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter vulnerability
Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter vulnerability discovered by theviper17y in WordPress Plugin Instant Popup Builder versions = 1.1.7...
EUVD-2026-13074
The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...
CVE-2026-3475
The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...
CVE-2026-3475
CVE-2026-3475 affects the WordPress plugin Instant Popup Builder (
CVE-2026-3475
The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...
CVE-2026-3475 Instant Popup Builder <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter
The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...
CVE-2026-3475 Instant Popup Builder <= 1.1.7 - Unauthenticated Arbitrary Shortcode Execution via 'token' Parameter
The Instant Popup Builder plugin for WordPress is vulnerable to Unauthenticated Arbitrary Shortcode Execution in all versions up to and including 1.1.7. This is due to the handleemailverificationpage function constructing a shortcode string from user-supplied GET parameters token, email and passi...
WordPress plugin Instant Popup Builder 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
PT-2026-25914
🚨 CVE-2026-32292: GL-iNet Comet... $30 KVM boxes with zero rate limiting = instant network pivot point for anyone with Hydra and patience. KVMpwn BruteForce NetworkPivot. https://t.co/VKisqb37V7 netsec vulnerability CVE sysadmin zeroday...
WordPress Instant VA theme <= 1.0.1 - Arbitrary File Deletion vulnerability
Arbitrary File Deletion vulnerability discovered by Phat RiO - BlueRock in WordPress Theme Instant VA versions = 1.0.1...
CVE-2026-28281 InstantCMS has Multiple CSRF Vulnerabilities
InstantCMS is a free and open source content management system. Prior to 2.18.1, InstantCMS does not validate CSRF tokens, which allows attackers grant moderator privileges to users, execute scheduled tasks, move posts to trash, and accept friend requests on behalf of the user. This vulnerability...
EUVD-2026-10405
InstantCMS is a free and open source content management system. Prior to 2.18.1, InstantCMS does not validate CSRF tokens, which allows attackers grant moderator privileges to users, execute scheduled tasks, move posts to trash, and accept friend requests on behalf of the user. This vulnerability...
[SECURITY] Fedora 42 Update: opensips-3.5.9-2.fc42
OpenSIPS or Open SIP Server is a very fast and flexible SIP RFC3261 proxy server. Written entirely in C, opensips can handle thousands calls per second even on low-budget hardware. A C Shell like scripting language provides full control over the server's behaviour. It's modular architecture allow...