8507 matches found
PT-2026-56945
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in merkulove Speaker speaker allows Stored XSS.This issue affects Speaker: from n/a through = 4.1.13...
PT-2026-56948
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in jwsthemes Aqua aqua allows PHP Local File Inclusion.This issue affects Aqua: from n/a through = 5.1.2...
PT-2026-56959
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes SetSail setsail allows PHP Local File Inclusion.This issue affects SetSail: from n/a through = 2.1...
PT-2026-56963
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Select-Themes Tonda tonda allows PHP Local File Inclusion.This issue affects Tonda: from n/a through = 2.5...
PT-2026-56951
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in Mikado-Themes Dør dor allows PHP Local File Inclusion.This issue affects Dør: from n/a through = 2.4.1...
PT-2026-56956
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in SaurabhSharma NewsPlus Shortcodes newsplus-shortcodes allows PHP Local File Inclusion.This issue affects NewsPlus Shortcodes: from n/a through = 4.2.0...
PT-2026-56946
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in CreativeWS CWS SVGicons cws-svgicons allows Blind SQL Injection.This issue affects CWS SVGicons: from n/a through = 1.5.5...
PT-2026-56955
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in VLThemes Leedo leedo allows PHP Local File Inclusion.This issue affects Leedo: from n/a through = 3.0.0...
PT-2026-56941
Missing Authorization vulnerability in themebeez Fascinate fascinate allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Fascinate: from n/a through = 1.1.5...
PT-2026-56953
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Golo Framework golo-framework allows PHP Local File Inclusion.This issue affects Golo Framework: from n/a through = 1.7.3...
PT-2026-56957
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in uxper Nuss nuss allows PHP Local File Inclusion.This issue affects Nuss: from n/a through = 1.3.6...
openSUSE 16: gstreamer-plugins-good / gstreamer-plugins-good-extra / etc (openSUSE-SU-2026:21240-1)
The remote openSUSE 16 host has packages installed that are affected by a vulnerability as referenced in the openSUSE- SU-2026:21240-1 advisory. - CVE-2026-53705: wavpackdec: Avoid integer overflow when calculating output buffer size and related fixes bsc1268449. Tenable has extracted the precedi...
Oracle Linux 8 : gstreamer1-plugins-good (ELSA-2026-36774)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-36774 advisory. 1.16.1-7 - Fix integer overflow vulnerabilities in wavpackdec CVE-2026-53705 Resolves: RHEL-184473 Tenable has extracted the preceding description block direct...
PT-2026-56943
Missing Authorization vulnerability in Sovlix MeetingHub meetinghub allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects MeetingHub: from n/a through = 1.25.10...
PT-2026-56942
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Plugin Envision Envision Page Builder envision-page-builder allows DOM-Based XSS.This issue affects Envision Page Builder: from n/a through = 0.22...
RHEL 9 : gstreamer1-plugins-ugly-free (RHSA-2026:36674)
The remote Redhat Enterprise Linux 9 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2026:36674 advisory. GStreamer is a streaming media framework, based on graphs of elements which operate on media data. This package contains plug-ins whose...
Oracle Linux 9 : gstreamer1-plugins-good (ELSA-2026-37129)
The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-37129 advisory. - Fix CVE-2026-53705: integer overflow in wavpack decoder, re-applied on top of the correct 1.22.12 base Resolves: RHEL-184477 - Apply patches for CVE-2026-308...
RockyLinux 8 : gstreamer1-plugins-good (RLSA-2026:36774)
The remote RockyLinux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:36774 advisory. gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow CVE-2026-53705 Tenable has extracted the preceding description...
AlmaLinux 8 : gstreamer1-plugins-bad-free (ALSA-2026:37130)
The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:37130 advisory. gstreamer1-plugins-bad-free: GStreamer: Heap buffer overflow via crafted VNC server rectangle in librfb CVE-2026-52720 gstreamer1-plugins-bad-free:...
AlmaLinux 8 : gstreamer1-plugins-good (ALSA-2026:36774)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:36774 advisory. gstreamer1-plugins-good: GStreamer: Heap buffer overflow in WavPack decoder via integer overflow CVE-2026-53705 Tenable has extracted the preceding description...