21900 matches found
CGA-65HC-3F87-9R9R
Bulletin has no description...
CGA-2RX6-Q92R-6R9F
Bulletin has no description...
CGA-5JHV-V673-4W63
Bulletin has no description...
WordPress Fluent Forms - Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin <= 6.1.21 - Insecure Direct Object Reference in Stripe SCA Confirmation to Unauthenticated Payment Status Modification vulnerability
WordPress Fluent Forms - Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin = 6.1.21 - Insecure Direct Object Reference in Stripe SCA Confirmation to Unauthenticated Payment Status Modification vulnerability discovered by Prickly Cactus in WordPress Plugin FluentForm...
reconauto
reconauto Automated b...
EUVD-2026-23356
The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists because the OsStripeConnectController::createpaymentintentfortransaction action is registered as a public action no authentication required an...
CVE-2026-5234
The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists because the OsStripeConnectController::createpaymentintentfortransaction action is registered as a public action no authentication required an...
CVE-2026-5234
The LatePoint WordPress plugin (versions
CVE-2026-5234 LatePoint <= 5.3.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID
The LatePoint plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.3.2. The vulnerability exists because the OsStripeConnectController::createpaymentintentfortransaction action is registered as a public action no authentication required an...
WordPress LatePoint plugin <= 5.3.2 - Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID vulnerability
Insecure Direct Object Reference to Unauthenticated Sensitive Financial Data Exposure via Sequential Invoice ID vulnerability discovered by darkmode in WordPress Plugin LatePoint versions = 5.3.2...
AlmaLinux 9 : .NET 8.0 (ALSA-2026:8469)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:8469 advisory. dotnet: .NET: Security Bypass and Denial of Service Vulnerability CVE-2026-26171 dotnet: .NET: Denial of Service via stack overflow CVE-2026-32203 dotnet:...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007615)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007615 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: prevent A-MSDU attacks in mesh networks This patch is a mitigation to prevent the A-MSDU...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007460)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007460 advisory. In the Linux kernel, the following vulnerability has been resolved: mm/hwpoison: clear MFCOUNTINCREASED before retrying getanypage Hulk Robot reported a panic in...
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization in the ConfigMap context loader due to missing validation of the namespace value. An attacker can access sensitive data from ConfigMaps in unauthorized namespaces by creating a policy that references another...
EUVD-2026-23288
In OCaml opam before 2.5.1, a .install field containing a destination filepath can use ../ to reach a parent directory...
EUVD-2026-23237
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submissionid' parameter in versions up to, and including, 6.1.21. This is due to missing authorization and ownership validatio...
CVE-2026-4160
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submissionid' parameter in versions up to, and including, 6.1.21. This is due to missing authorization and ownership validatio...
CVE-2026-4160
The Fluent Forms – Customizable Contact Forms, Survey, Quiz, & Conversational Form Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference via the 'submissionid' parameter in versions up to, and including, 6.1.21. This is due to missing authorization and ownership validatio...
Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities
Summary The product includes vulnerable components e.g., framework libraries that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details CVEID:CVE-2025-68146 DESCRIPTION: filelock is a...
CVE-2026-33093
creationtimestamp| type| source ---|---|--- 2026-04-16 10:00:00+00:00| seen| https://www.cisa.gov/news-events/ics-advisories/icsa-26-106-03...