2718 matches found
CVE-2026-3894 Out-of-bounds Read vulnerability in RTI Connext Professional (Core Libraries) allows Overread Buffers.
Out-of-bounds Read vulnerability in RTI Connext Professional Core Libraries allows Overread Buffers.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3., from 5.0.0 before 5.2...
CVE-2026-2675
RTI Connext Professional (Security Plugins) is affected by CVE-2026-2675: Missing Authentication for a Critical Function. Affected Connext Professional versions include 5.3.* before 5.3., 6.0. before 6.0., 6.1. before 6.1.*, 7.0.0 before 7.3.1.3, and 7.4.0 before 7.7.0. The CVSS 4.0 base score is...
CVE-2026-2675 Missing Authentication for Critical Function vulnerability in RTI Connext Professional (Security Plugins) allows Fake the Source of Data.
Missing Authentication for Critical Function vulnerability in RTI Connext Professional Security Plugins allows Fake the Source of Data.This issue affects Connext Professional: from 7.4.0 before 7.7.0, from 7.0.0 before 7.3.1.3, from 6.1.0 before 6.1., from 6.0.0 before 6.0., from 5.3.0 before 5.3...
CVE-2026-2467
Technical details (affected products, versions, root cause, impact, or remediation) are not publicly provided in the supplied documents; monitor for updates.
PT-2026-50504
Name of the Vulnerable Software and Affected Versions RTI Connext Professional versions 6.1.0 through 6.1.x RTI Connext Professional versions 7.0.0 through 7.3.1.2 RTI Connext Professional versions 7.4.0 through 7.6.x Description An out-of-bounds write issue exists within the Queueing Service, Co...
PT-2026-50503
Name of the Vulnerable Software and Affected Versions Connext Professional versions 7.4.0 through 7.6.x Connext Professional versions 7.0.0 through 7.3.1.2 Connext Professional versions 6.1.0 through 6.1.x Connext Professional versions 6.0.0 through 6.0.x Connext Professional versions 5.3.0 throu...
PT-2026-50514
Name of the Vulnerable Software and Affected Versions RTI Connext Professional Web Integration Service versions 6.1.2 through 6.1.x RTI Connext Professional Web Integration Service versions 7.0.0 through 7.3.1.2 RTI Connext Professional Web Integration Service versions 7.4.0 through 7.x Descripti...
GHSA-WQCR-7RF3-F64M Singluarity: Incorrect path matching for 'limit container paths' directive
Impact The limit container paths directive in singularity.conf is intended to allow a system administrator limit the paths from which containers can be run, under setuid mode. Due to incorrect matching of a path string, sibling directories with similar names may incorrectly be allowed. For exampl...
CVE-2026-9241
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the getvalue function in classes/fixed/fixeduserrole.php trusting the attacker-controlled...
CVE-2026-9241 FOX – Currency Switcher Professional for WooCommerce <= 1.4.6 - Authenticated (Subscriber+) Authorization Bypass via User-Controlled Key to 'wooc_order_user_roles' Parameter
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the getvalue function in classes/fixed/fixeduserrole.php trusting the attacker-controlled...
CVE-2026-9241 FOX – Currency Switcher Professional for WooCommerce <= 1.4.6 - Authenticated (Subscriber+) Authorization Bypass via User-Controlled Key to 'wooc_order_user_roles' Parameter
The FOX – Currency Switcher Professional for WooCommerce plugin for WordPress is vulnerable to Authorization Bypass Through User-Controlled Key in all versions up to and including 1.4.6. This is due to the getvalue function in classes/fixed/fixeduserrole.php trusting the attacker-controlled...
Exploit for CVE-2025-39247
CVE-2025-39247 - Target: HikCentral Professional HCMP, c...
shadow-pentest
🖤 Shadow Pentest Framework v1.0 Automated CVE Discovery & E...
AMD多款产品 缓冲区错误漏洞
AMD Radeon is a set of device driver and utility software packages developed by American semiconductor company AMD for Advanced Micro Devices’ graphics cards and GPUs. Several AMD products have a buffer error vulnerability, which stems from insufficient parameter cleaning. This vulnerability may...
CVE-2026-1749
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission...
CVE-2026-1749
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission...
CVE-2026-1749
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission...
CVE-2026-1749
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission...
CVE-2026-1749
CVE-2026-1749 affects HikCentral Professional (some versions) with an Access Control vulnerability that could allow an unauthenticated user to obtain admin permissions. The NVD/Hikvision disclosures indicate the issue stems from inadequate access control, enabling elevated privileges and compromi...
EUVD-2026-28905
There is an Access Control Vulnerability in some HikCentral Professional versions. This could allow an unauthenticated user to obtain the admin permission...