EUVD-2020-30818

Various Ruijie Gateway EG and NBR models firmware versions 11.16B9P1 11.94B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server...

CVE-2020-36870

Various Ruijie Gateway EG and NBR models firmware versions 11.16B9P1 11.94B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server...

CVE-2020-36870 Ruijie Gateway EG & NBR Models v11.1(6)B9P1 - 11.9(4)B12P1 RCE

Various Ruijie Gateway EG and NBR models firmware versions 11.16B9P1 11.94B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server...

CVE-2020-36870 Ruijie Gateway EG & NBR Models v11.1(6)B9P1 - 11.9(4)B12P1 RCE

Various Ruijie Gateway EG and NBR models firmware versions 11.16B9P1 11.94B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server...

CVE-2020-36870

CVE-2020-36870 affects Ruijie Gateway EG and Ruijie NBR series (firmware versions 11.1(6)B9P1 through 11.9(4)B12P1 are vulnerable). Root cause is a code execution vulnerability in the EWEB management system that can be abused via front-end functionality; when features such as guest authentication...

PT-2025-45510

Name of the Vulnerable Software and Affected Versions Ruijie Gateway EG and NBR models versions 11.16B9P1 through 11.94B12P1 Description The EWEB management system in various Ruijie Gateway EG and NBR models contains a code execution issue. Attackers can exploit front-end code when features like...

VulnCheck KEV: CVE-2020-36870

Various Ruijie Gateway EG and NBR models firmware versions 11.16B9P1 11.94B12P1 contain a code execution vulnerability in the EWEB management system that can be abused via front-end functionality. Attackers can exploit front-end code when features such as guest authentication, local server...

Take control of your privacy with updates on Malwarebytes for Windows

It’s getting harder to keep your Windows space truly yours, as Microsoft increasingly serves annoying ads and tracks your data across third-party apps. Pushing back against your eroding privacy has been a scattered and sometimes complicated process… but we're making it easier for you. With the...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990549)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990549 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program doe...

CVE-2025-12069

The WP Global Screen Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing nonce validation on the updatewpglobalscreenoptions action handler. This makes it possible for unauthenticated attackers to modify global...

CVE-2025-43452

This issue was addressed by restricting options offered on a locked device. This issue is fixed in iOS 26.1 and iPadOS 26.1. Keyboard suggestions may display sensitive information on the lock screen...

CVE-2025-43408

This issue was addressed by restricting options offered on a locked device. This issue is fixed in macOS Sequoia 15.7.2, macOS Sonoma 14.8.2, macOS Tahoe 26.1. An attacker with physical access may be able to access contacts from the lock screen...

CVE-2025-43309

A logic issue was addressed with improved checks. This issue is fixed in iOS 26 and iPadOS 26. An attacker with physical access to an iOS device may be able to view notification contents from the Lock Screen...

CVE-2025-43350

A permissions issue was addressed with additional restrictions. This issue is fixed in iOS 26.1 and iPadOS 26.1. An attacker may be able to view restricted content from the lock screen...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989251)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989251 advisory. In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens when a userspace program doe...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990071)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990071 advisory. In the Linux kernel, the following vulnerability has been resolved: vcscreen: move load of struct vcdata pointer in vcsread to avoid UAF After a call to consoleunloc...

WordPress WP Global Screen Options plugin <= 0.2 - Cross-Site Request Forgery to Screen Options Update vulnerability

Cross-Site Request Forgery to Screen Options Update vulnerability discovered by Nabil Irawan - Heroes Cyber Security in WordPress Plugin WP Global Screen Options versions = 0.2...

CVE-2025-12069

The WP Global Screen Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing nonce validation on the updatewpglobalscreenoptions action handler. This makes it possible for unauthenticated attackers to modify global...

CVE-2025-12069

CVE-2025-12069 concerns the WP Global Screen Options WordPress plugin (versions

CVE-2025-12069 WP Global Screen Options <= 0.2 - Cross-Site Request Forgery to Screen Options Update

The WP Global Screen Options plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing nonce validation on the updatewpglobalscreenoptions action handler. This makes it possible for unauthenticated attackers to modify global...