CVE-2026-53694

Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in Nomachine allows Argument Injection.This issue affects Nomachine: before 9.5.7, before 8.23.2...

CVE-2026-5412

In Juju versions prior to 2.9.57 and 3.6.21, an authorization issue exists in the Controller facade. An authenticated user can call the CloudSpec API method to extract the cloud credentials used to bootstrap the controller. This allows a low-privileged user to access sensitive credentials. This...

CVE-2026-32461

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

CVE-2026-32461 WordPress Really Simple SSL plugin <= 9.5.7 - Broken Access Control vulnerability

Missing Authorization vulnerability in Really Simple Plugins Really Simple SSL really-simple-ssl allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Really Simple SSL: from n/a through = 9.5.7...

WordPress plugin Really Simple SSL 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...

CVE-2023-53943

GLPI 9.5.7 has a username-enumeration flaw in the lost-password recovery. Attackers can infer valid email addresses by observing response differences from the password-reset endpoint. CVSS metrics indicate network access with low complexity; impact on confidentiality is Low. Remediation details a...

CVE-2025-58690

Cross-Site Request Forgery CSRF vulnerability in ptibogxiv Doliconnect doliconnect allows Stored XSS.This issue affects Doliconnect: from n/a through = 9.5.7...

CVE-2025-58690

CVE-2025-58690 is a CSRF vulnerability in Doliconnect for WordPress that can lead to Stored XSS. Affected versions are listed as n/a through 9.5.7; CVSS v3.1 base score 7.1 (High). Patch status shown in connected data indicates a fix in Doliconnect 9.5.7 or later. Remediation: update Doliconnect ...

Linux Distros Unpatched Vulnerability : CVE-2022-21720

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - GLPI is a free asset and IT management software package. Prior to version 9.5.7, an entity administrator is capable of retrieving normally inaccessible data via...

PT-2022-1461 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions prior to 9.5.7 Description: The issue is related to reflected cross-site scripting in GLPI, a free asset and IT management software package. This can allow a remote attacker to perform cross-site scripting attacks by exploiting...

CVE-2021-30120

Kaseya VSA before 9.5.7 allows attackers to bypass the 2FA requirement. The need to use 2FA for authentication in enforce client-side instead of server-side and can be bypassed using a local proxy. Thus rendering 2FA useless. Detailed description --- During the login process, after the user...