44 matches found
CVE-2026-5935
IBM Total Storage Service Console TSSC / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input...
EUVD-2026-24439
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
EUVD-2026-24346
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...
CVE-2026-35235
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...
CVE-2026-34303
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...
Fedora 43 : calibre (2026-9cc418c23e)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9cc418c23e advisory. Update to 9.6.0. Fixes rhbz2452087 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...
EUVD-2025-204088
Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects XStore: from n/a through 9.6...
CVE-2025-64192 WordPress XStore theme < 9.6 - Broken Access Control vulnerability
Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects XStore: from n/a through 9.6...
CVE-2025-64192
CVE-2025-64192 affects the WordPress XStore theme (XStore) with versions prior to 9.6. The issue is a Missing Authorization vulnerability caused by broken access control, allowing exploitation due to improperly configured access levels. Public documentation in the connected sources confirms the i...
WordPress plugin XStore security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers. WordPress plugin is an application plugin. A security vulnerabili...
Important: Red Hat Security Advisory: sssd security update
An update for sssd is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for ea...
EUVD-2025-35217
code16 Sharp v9.6.6 is vulnerable to Cross Site Scripting (XSS) src/Form/Fields/SharpFormUploadField.php...
EUVD-2025-33406
In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...
EUVD-2025-33409
In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in address/list is not securely filtered, resulting in a SQL injection vulnerability...
xckk security vulnerability
xckk small dish low-code development platform is a low-code development platform open-sourced by China Cloud Network Software bestfeng. A security vulnerability exists in xckk v9.6, which originates from the cond parameter in notice/list not being securely filtered, which may lead to SQL injection...
CVE-2025-60265
In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in user/list is not securely filtered, resulting in a SQL injection vulnerability...
CVE-2025-61985
ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used...
CVE-2011-10027
CVE-2011-10027 affects AOL Desktop 9.6. The vulnerability is a stack-based buffer overflow in the Tool\rich.rct component while parsing .rtx files, triggered by embedding an overly long string in a hyperlink tag and caused by unsafe strcpy usage. This can allow remote code execution when a user o...
PHPCMS security vulnerability
PHPCMS is a web content management system based on PHP and MySQL architecture by Abel Personal Developer. The system includes modules for news, images, downloads, information, products and more. A security vulnerability exists in PHPCMS version 9.6.3, which stems from the presence of a cross-site...