PT-2026-26855

The REST API TO MiniProgram plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 5.1.2. This is due to the permission callback update user wechatshop info permissions check only validating that the supplied 'openid' parameter corresponds to ...

CVE-2026-1336

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the storedata and getchatgptapikey functions in all versions up to, and including, 2.7.5. This makes it possible for...

CVE-2026-1336

The CVE-2026-1336 entry concerns the AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin. It is vulnerable to unauthorized access and data modification due to missing capability checks in store_data() and get_chatgpt_api_key() for versions up to 2.7.5. Unauthenticated attackers ...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993250)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993250 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data...

EUVD-2025-201413

File upload vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on the local network to store arbitrary files on the filesystem...

Siemens SCALANCE and RUGGEDCOM Devices Improper Input Validation (CVE-2024-44969)

s390/sclp: vulnerability could lead to data corruption if a Store Data operation is interrupted and the halt attempt fails, which was resolved by preventing the release of data buffers in such cases. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot...

CVE-2025-12979

The Welcart e-Commerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'uscesexport' action in all versions up to, and including, 2.11.24. This makes it possible for unauthenticated attackers to access configured payment credentials ex...

CVE-2025-12979

CVE-2025-12979 describes an unauthorized data exposure vulnerability in the WordPress plug‑in Welcart e-Commerce . A missing capability check on the usces_export action affects all versions up to and including 2.11.24 , allowing unauthenticated attackers to access sensitive data such as configure...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-990874)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990874 advisory. In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data...

Use of Hard-coded Cryptographic Key

Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/rest to...

EUVD-2004-2290

Malware in sbrugna...

pcp: pmcd heap corruption through metric pmstore operations

A vulnerability was found in Performance Co-Pilot PCP. This flaw allows an attacker to send specially crafted data to the system, which could cause the program to misbehave or crash...

SUSE CVE-2024-44969

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, ther...

AZL-49881 CVE-2024-44969 affecting package kernel for versions less than 5.15.167.1-1

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, ther...

DEBIAN-CVE-2024-44969

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation is interrupted, an attempt is made to halt this operation. If this attempt fails due to a hardware or firmware problem, ther...

SUSE CVE-2021-47366

In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...

DEBIAN-CVE-2021-47366

In the Linux kernel, the following vulnerability has been resolved: afs: Fix corruption in reads at fpos 2G-4G from an OpenAFS server AFS-3 has two data fetch RPC variants, FS.FetchData and FS.FetchData64, and Linux's afs client switches between them when talking to a non-YFS server if the read...

SaaS in the Real World: How Global Food Chains Can Secure Their Digital Dish

The Quick Serve Restaurant QSR industry is built on consistency and shared resources. National chains like McDonald's and regional ones like Cracker Barrel grow faster by reusing the same business model, decor, and menu, with little change from one location to the next. QSR technology stacks mirr...

Important: kernel-livepatch-4.14.209-160.339

Issue Overview: A flaw was found in the Linux kernel's implementation of the Linux SCSI target host, where an authenticated attacker could write to any block on the exported SCSI device backing store. This flaw allows an authenticated attacker to send LIO block requests to the Linux system to...

Accusoft ImageGear Buffer Overflow Vulnerability (CNVD-2020-27757)

Accusoft ImageGear is a software development kit SDK for image processing from Accusoft, USA. A security vulnerability exists in the 'storedatabuffer' function of the igcore19d.dll library in Accusoft ImageGear version 19.5.0. An attacker can exploit the vulnerability to execute code with the hel...