CVE-2026-6486

A vulnerability was detected in classroombookings up to 2.17.0. This impacts the function read of the file crbs-core/application/views/layout.php of the component User Display Name Handler. The manipulation of the argument displayname results in cross site scripting. The attack can be executed...

CVE-2026-25624

CVE-2026-25624 is an administrative cross-site scripting vulnerability in the web UI dashboard layout of Arista Edge Threat Management NGFW. The issue involves unvalidated user-supplied variables echoed back to administrative profiles, enabling XSS when an attacker has administrative UI access. A...

CVE-2026-25624

An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...

CVE-2026-6703

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticat...

CVE-2026-40834

An low privileged remote attacker can exploit an unauthenticated SQL Injection vulnerability in the dashlayout.php files saveDashboardLayout function due to improper neutralization of special elements in a SQL INSERT command allowing for reading the whole database and inserting entries into a non...

CVE-2026-44011

Craft CMS is a content management system CMS. From 4.0.0 to before 4.17.12 and 5.9.18, Craft CMS which contains an input-handling flaw in a Yii object creation path that let any authenticated user inject malicious configuration and execute arbitrary commands on the server. The request-controlled...

CVE-2026-8711

NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http, $arg, $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability...

CVE-2026-36602

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

WordPress Page Layout builder v1.9.3 - Cross-Site Scripting

WordPress plugin Page-layout-builder v1.9.3 contains a cross-site scripting vulnerability. id: CVE-2016-1000141 info: name: WordPress Page Layout builder v1.9.3 - Cross-Site Scripting author: daffainfo severity: medium description: WordPress plugin Page-layout-builder v1.9.3 contains a cross-site...

ROS-20260605-73-0060

The vulnerability of the Layout component: Texts and fonts in Mozilla Firefox, Firefox ESR, and the email client Thunderbird are related to the use of memory after it is released. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility o...

CVE-2026-48155

A flaw was found in pypdf, a free and open-source pure-python PDF library. An attacker can craft a malicious PDF file that, when processed, leads to excessive memory consumption. This occurs when extracting text in layout mode with large character offsets. This vulnerability can result in a Denia...

CVE-2026-36602

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

PT-2026-45990

Mercusys AC12G EU V1 router with firmware AC12GEU V1 200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

CVE-2026-36602

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

EUVD-2026-34141

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

CVE-2026-36602

CVE-2026-36602 affects the Mercusys AC12G (EU) V1 router with firmware AC12G(EU)_V1_200909. The issue arises in UPnP GetStatusInfo handling, which discloses kernel memory layout. An unauthenticated attacker on an adjacent network can obtain a raw MIPS KSEG0 kernel pointer, exposing kernel memory ...

CVE-2026-36602

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

org.apache.logging.log4j/log4j-core: Apache Log4j Core: Invalid XML output causes denial of service in logging

A flaw was found in Apache Log4j Core. The XmlLayout component, responsible for formatting log messages into XML, does not properly remove or replace characters that are not allowed in XML 1.0. When log messages or diagnostic information contain these forbidden characters, the resulting XML outpu...

org.apache.logging.log4j/log4j-core: Apache Log4j Core: Log injection via CRLF sequences due to configuration attribute renames

A flaw was found in Apache Log4j Core. This vulnerability allows for log injection through the use of Carriage Return Line Feed CRLF sequences. This occurs because security-related configuration attributes were silently renamed, impacting users who directly configure Rfc5424Layout with stream-bas...

org.apache.logging.log4j: Apache Log4j JsonTemplateLayout: Denial of Service via invalid JSON output

A flaw was found in Apache Log4j's JsonTemplateLayout. This vulnerability allows a remote attacker to disrupt log processing systems. By sending log events that include specific non-numeric floating-point values, the attacker can cause the JsonTemplateLayout to generate invalid JSON output. This...