16 matches found
CVE-2026-6441 Canto <= 3.1.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Setting Modification
The Canto plugin for WordPress is vulnerable to Missing Authorization in versions up to and including 3.1.1. This is due to the absence of any capability check or nonce verification in the updateOptions function, which is exposed via two AJAX hooks: wp_ajax_updateOptions (class-canto.php line 231) an...
CVE-2026-6441
CVE-2026-6441 affects the WordPress Canto plugin up to version 3.1.1. The vulnerability arises from Missing Authorization in updateOptions(), which lacks any capability checks or nonce verification. The vulnerable function is exposed via two AJAX hooks (wp_ajax_updateOptions and wp_ajax_fbc_updat...
PT-2026-22846
Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability...
Trend Micro Apex Central Scheduled Update Server-Side Request Forgery Vulnerability
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the handling of URLs in the Scheduled Update feature. By providing a crafte...
Toolkit - The Essential Toolkit For Reversing, Malware Analysis, And Cracking
This tool compilation is carefully crafted to be useful for both beginners and veterans of the malware analysis world. It has also proven useful for people trying their luck in the cracking underworld. It's the ideal complement to be used with the manuals from the site,...
GHSA-4G27-Q2W9-M8M8 Magento affected by remote code execution vulnerability in the CMS page scheduled update feature
Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by an Improper input validation vulnerability within the CMS page scheduled update feature. An authenticated attacker with administrative privilege could leverage this vulnerability to achieve remote code...
CVE-2021-36021
CVE-2021-36021 affects Magento Commerce CMS Page due to an Improper Input Validation in the CMS page scheduled update feature. Affected versions include Magento 2.4.2 and earlier, 2.4.2-p1 and earlier, and 2.3.7 and earlier. An authenticated administrator could leverage this to achieve remote cod...
CVE-2022-36174
FreshService Windows Agent 2.11.0, FreshService macOS Agent 4.2.0 and FreshService Linux Agent 3.3.0 are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service...
CVE-2022-36173
FreshService macOS Agent 4.4.0 and FreshService Linux Agent 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service...
Input validation
FreshService Windows Agent 2.11.0, FreshService macOS Agent 4.2.0 and FreshService Linux Agent 3.3.0 are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service...
CVE-2022-36173
FreshService macOS Agent 4.4.0 and FreshService Linux Agent 3.4.0 are vulnerable to TLS Man-in-The-Middle via the FreshAgent client and scheduled update service...
CVE-2022-36174
FreshService Windows Agent 2.11.0, FreshService macOS Agent 4.2.0 and FreshService Linux Agent 3.3.0 are vulnerable to Broken integrity checking via the FreshAgent client and scheduled update service...
PT-2021-6734 · Adobe · Magento
Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.2 and earlier, 2.4.2-p1 and earlier; Magento versions 2.3.7 and earlier. Description: The issue is caused by improper input validation within the CMS page scheduled update feature. An authenticated attacker with...
Debian Security Advisory DSA 2953-1 (dpkg - security update)
Multiple vulnerabilities were discovered in dpkg that allow file modification through path traversal when unpacking source packages with specially crafted patch files. This update had been scheduled before the end of security support for the oldstable distribution squeeze, hence an exception has...
Fedora Update for ack FEDORA-2013-23206
Check for the Version of ack. OpenVAS Vulnerability Test: Fedora Update for ack FEDORA-2013-23206. Authors: System Generated Check. Copyright: Copyright (C) 2013 Greenbone Networks GmbH, http://www.greenbone.net. This program is free software; you can redistribute it and/or modify it under the terms of...
Adobe to Patch Reader Information Leak Bug
Adobe is planning to patch a fairly low severity security vulnerability in all of the current versions of Reader and Acrobat that could enable an attacker to track which users have opened a certain PDF document. The vulnerability can’t be used for code execution, but researchers say it could be...