CVE-2026-5935

IBM Total Storage Service Console TSSC / TS4500 IMC 9.2, 9.3, 9.4, 9.5, 9.6 TSSC/IMC could allow an unauthenticated user to execute arbitrary commands with normal user privileges on the system due to improper validation of user supplied input...

EUVD-2026-24439

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

EUVD-2026-24346

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Group Replication Plugin. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to...

CVE-2026-35235

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: GIS. Supported versions that are affected are 9.0.0-9.6.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of thi...

CVE-2026-34303

Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.0-8.0.45, 8.4.0-8.4.8 and 9.0.0-9.6.0. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQ...

Fedora 43 : calibre (2026-9cc418c23e)

The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-9cc418c23e advisory. Update to 9.6.0. Fixes rhbz2452087 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessu...

EUVD-2025-204088

Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects XStore: from n/a through 9.6...

CVE-2025-64192

CVE-2025-64192 affects the WordPress XStore theme (XStore) with versions prior to 9.6. The issue is a Missing Authorization vulnerability caused by broken access control, allowing exploitation due to improperly configured access levels. Public documentation in the connected sources confirms the i...

CVE-2025-64192 WordPress XStore theme < 9.6 - Broken Access Control vulnerability

Missing Authorization vulnerability in 8theme XStore xstore allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects XStore: from n/a through 9.6...

WordPress plugin XStore 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

Important: Red Hat Security Advisory: sssd security update

An update for sssd is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

EUVD-2025-35217

code16 Sharp v9.6.6 is vulnerable to Cross Site Scripting XSS src/Form/Fields/SharpFormUploadField.php...

EUVD-2025-33406

In xckk v9.6, there is a SQL injection vulnerability in which the cond parameter in notice/list is not securely filtered, resulting in a SQL injection vulnerability...

EUVD-2025-33409

In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in address/list is not securely filtered, resulting in a SQL injection vulnerability...

xckk 安全漏洞

xckk small dish low-code development platform is a low-code development platform open-sourced by China Cloud Network Software bestfeng. A security vulnerability exists in xckk v9.6, which originates from the cond parameter in notice/list is not securely filtered, which may lead to SQL injection...

CVE-2025-60265

In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in user/list is not securely filtered, resulting in a SQL injection vulnerability...

CVE-2025-60265

In xckk v9.6, there is a SQL injection vulnerability in which the orderBy parameter in user/list is not securely filtered, resulting in a SQL injection vulnerability...

CVE-2025-61985

ssh in OpenSSH before 10.1 allows the '\0' character in an ssh:// URI, potentially leading to code execution when a ProxyCommand is used...

CVE-2011-10027

CVE-2011-10027 affects AOL Desktop 9.6. The vulnerability is a stack-based buffer overflow in the Tool\rich.rct component while parsing .rtx files, triggered by embedding an overly long string in a hyperlink tag and caused by unsafe strcpy usage. This can allow remote code execution when a user o...

PHPCMS 安全漏洞

PHPCMS is a web content management system based on PHP and Mysql architecture by Abel Personal Developer. The system includes modules for news, images, downloads, information, products and more. A security vulnerability exists in PHPCMS version 9.6.3, which stems from the presence of a cross-site...