International Datacasting SFX2100 SuperFlex Satellite Receiver 安全漏洞

The International Datacasting SFX2100 SuperFlex Satellite Receiver is a professional broadcast-grade satellite signal receiving device developed by the International Datacasting company. The SFX2100 SuperFlex Satellite Receiver has a security vulnerability, which stems from hard-coded credentials...

PT-2026-22878

Name of the Vulnerable Software and Affected Versions International Datacasting Corporation IDC SFX Series SuperFlex SatelliteReceiver affected versions not specified Description The IDC SFX Series SuperFlex SatelliteReceiver includes hardcoded credentials for the monitor account. A remote,...

ROS-20260304-73-0019

A vulnerability in the readstring function of the hwmon component of the Linux operating system kernel is related to an operation exceeding buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CVE-2026-2383

The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses filelock-3.20.1-py3-none-any.whl, filelock-3.20.2-py3-none-any.whl which is vulnerable to CVE-2026-22701.

Summary IBM Maximo Application Suite - Monitor Component uses filelock-3.20.1-py3-none-any.whl, filelock-3.20.2-py3-none-any.whl which is vulnerable to CVE-2026-22701. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-22701 DESCRIPTION: filelock...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses pyasn1-0.6.1.tar.gz which is vulnerable to CVE-2026-23490.

Summary IBM Maximo Application Suite - Monitor Component uses pyasn1-0.6.1.tar.gz which is vulnerable to CVE-2026-23490. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2026-23490 DESCRIPTION: pyasn1 is a generic ASN.1 library for Python. Prior to...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses netty-codec-http-4.2.5.Final.jar which is vulnerable to CVE-2025-67735.

Summary IBM Maximo Application Suite - Monitor Component uses netty-codec-http-4.2.5.Final.jar which is vulnerable to CVE-2025-67735. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-67735 DESCRIPTION: Netty is an asynchronous, event-driven...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses log4j-core-2.25.1.jar which is vulnerable to CVE-2025-68161.

Summary IBM Maximo Application Suite - Monitor Component uses log4j-core-2.25.1.jar which is vulnerable to CVE-2025-68161. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-68161 DESCRIPTION: The Socket Appender in Apache Log4j Core versions...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses urllib3-2.5.0-py3-none-any.whl, urllib3-2.6.1-py3-none-any.whl, urllib3-2.6.2-py3-none-any.whl which is vulnerable to CVE-2025-66418, CVE-2025-66471, CVE-2026-21441.

Summary IBM Maximo Application Suite - Monitor Component uses urllib3-2.5.0-py3-none-any.whl, urllib3-2.6.1-py3-none-any.whl, urllib3-2.6.2-py3-none-any.whl which is vulnerable to CVE-2025-66418, CVE-2025-66471, CVE-2026-21441. This bulletin contains information addressing the vulnerability...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses werkzeug-3.1.1-py3-none-any.whl, werkzeug-3.1.3-py3-none-any.whl which is vulnerable to CVE-2025-66221, CVE-2026-21860.

Summary IBM Maximo Application Suite - Monitor Component uses werkzeug-3.1.1-py3-none-any.whl, werkzeug-3.1.3-py3-none-any.whl which is vulnerable to CVE-2025-66221, CVE-2026-21860. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-66221...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses qs-6.13.0.tgz, qs-6.14.0.tgz which is vulnerable to CVE-2025-15284.

Summary IBM Maximo Application Suite - Monitor Component uses qs-6.13.0.tgz, qs-6.14.0.tgz which is vulnerable to CVE-2025-15284. This bulletin contains information addressing the vulnerability. Vulnerability Details CVEID:CVE-2025-15284 DESCRIPTION: Improper Input Validation vulnerability in qs...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses transformers-4.53.0-py3-none-any.whl which is vulnerable to multiple CVEs.

Summary IBM Maximo Application Suite - Monitor Component uses transformers-4.53.0-py3-none-any.whl which is vulnerable to CVE-2025-14920, CVE-2025-14921, CVE-2025-14926, CVE-2025-14927, CVE-2025-14924, CVE-2025-14928, CVE-2025-14929, CVE-2025-14930. This bulletin contains information addressing t...

Security Bulletin: IBM Maximo Application Suite - Monitor Component uses tornado-6.5-cp39-abi3-manylinux_2_5_x86_64.manylinux1_x86_64.manylinux_2_17_x86_64.manylinux2014_x86_64.whl which is vulnerable to CVE-2025-67724, CVE-2025-67725, CVE-2025-67726.

Summary IBM Maximo Application Suite - Monitor Component uses tornado-6.5-cp39-abi3-manylinux25x8664.manylinux1x8664.manylinux217x8664.manylinux2014x8664.whl which is vulnerable to CVE-2025-67724, CVE-2025-67725, CVE-2025-67726. This bulletin contains information addressing the vulnerability...

EUVD-2026-9017

The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

CVE-2026-2383

The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

CVE-2026-2383 Simple Download Monitor <= 4.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field

The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

PT-2026-22319

The Simple Download Monitor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via custom field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access...

WordPress plugin Simple Download Monitor 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

WordPress Simple Download Monitor plugin <= 4.0.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via Custom Field vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Custom Field vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Simple Download Monitor versions = 4.0.5...

CVE-2026-26932

Improper Validation of Array Index CWE-129 in the PostgreSQL protocol parser in Packetbeat can lead Denial of Service via Input Data Manipulation CAPEC-153. An attacker can send a specially crafted packet causing a Go runtime panic that terminates the Packetbeat process. This vulnerability requir...