28 matches found

Patchstack
added 2026/03/20 3:24 p.m. | 4 views

WordPress New User Approve plugin <= 3.2.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Phat RiO in WordPress Plugin New User Approve versions <= 3.2.3...

CVSS 6.5 | AI score 5.8 | EPSS 0.00018
Exploits: 0 | Affected Software: 1

Tenable Nessus
added 2026/03/14 12:0 a.m. | 6 views

Fedora 42 : freerdp (2026-53fe996a57)

The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-53fe996a57 advisory. Update to 3.23.0 to fix CVE-2026-26965, CVE-2026-26955, CVE-2026-26271, CVE-2026-25997, CVE-2026-25959, CVE-2026-25955, CVE-2026-25954,...

CVSS 9.8 | AI score 5.9 | EPSS 0.00164
Exploits: 10 | References: 12

Cvelist
added 2026/02/25 9:7 p.m. | 17 views

CVE-2026-27951 FreeRDP has possible Integer overflow in Stream_EnsureCapacity

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to version 3.23.0, the function Stream_EnsureCapacity can create an endless blocking loop. This may affect all client and server implementations using FreeRDP. For practical exploitation this will only work on 32bit systems whe...

CVSS 5.3 | EPSS 0.00081
Exploits: 1 | References: 2

Positive Technologies
added 2026/02/25 12:0 a.m. | 2 views

PT-2026-22021

Name of the Vulnerable Software and Affected Versions: FreeRDP versions prior to 3.23.0. Description: FreeRDP is a free implementation of the Remote Desktop Protocol. A previous fix for a heap-use-after-free issue was incomplete. The vulnerable code exists in the SDL2 implementation, where a pointer...

CVSS 9.8 | AI score 5.4 | EPSS 0.00251
Exploits: 30 | References: 45

Circl
added 2026/01/28 8:1 p.m. | 3 views

CVE-2025-33237

| creationtimestamp | type | source |
|---|---|---|
| 2026-01-28 20:01:21+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mdj2u5cl322r... |

CVSS 5.5 | AI score 5.8 | EPSS 0.00039
Exploits: 0 | References: 1

Circl
added 2025/12/03 2:14 p.m. | 0 views

CVE-2022-49323

| creationtimestamp | type | source |
|---|---|---|
| 2025-12-03 14:14:49+00:00 | seen | https://vulnerability.circl.lu/bundle/816dcc8e-f25a-4895-9b59-1bbd9caeccb8... |

CVSS 5.5 | AI score 6.6 | EPSS 0.00104
Exploits: 0 | References: 1

Cvelist
added 2025/11/13 8:27 a.m. | 10 views

CVE-2025-10295 Angel – Fashion Model Agency WordPress CMS Theme <= 3.2.3 - Authenticated (Subscriber+) Stored Cross-Site Scripting

The Angel – Fashion Model Agency WordPress CMS Theme theme for WordPress is vulnerable to Stored Cross-Site Scripting via the profile media uploader in all versions up to, and including, 3.2.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...

CVSS 6.4 | EPSS 0.00032
Exploits: 0 | References: 2

Debian CVE
added 2025/09/15 2:48 p.m. | 2 views

CVE-2022-50323

In the Linux kernel, the following vulnerability has been resolved: net: do not sense pfmemalloc status in skb_append_pagefrags. skb_append_pagefrags is used by af_unix and udp sendpage implementation so far. In commit 326140063946 "tcp: TX zerocopy should not sense pfmemalloc status" we explained why ...

CVSS 5.5 | AI score 5.4 | EPSS 0.00017
Exploits: 0

RedhatCVE
added 2025/05/02 10:15 p.m. | 9 views

CVE-2023-37535

Insufficient URI protocol whitelist in HCL Domino Volt and Domino Leap allows script injection through query parameters...

CVSS 7.1 | AI score 7.5 | EPSS 0.00182
Exploits: 0 | References: 3

Patchstack
added 2025/02/23 9:18 p.m. | 3 views

WordPress Strong Testimonials plugin <= 3.2.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Revan Arifio Patchstack Alliance in WordPress Plugin Strong Testimonials versions <= 3.2.3...

CVSS 5.3 | AI score 7 | EPSS 0.00117
Exploits: 0 | Affected Software: 1

Cvelist
added 2025/02/11 10:26 a.m. | 5 views

CVE-2023-37482

The login functionality of the web server in affected devices does not normalize the response times of login attempts. An unauthenticated remote attacker could exploit this side-channel information to distinguish between valid and invalid usernames...

CVSS 6.9 | EPSS 0.00217
Exploits: 0 | References: 1

OSV
added 2024/07/11 5:15 p.m. | 1 views

CVE-2024-39551

An Uncontrolled Resource Consumption vulnerability in the H.323 ALG (Application Layer Gateway) of Juniper Networks Junos OS on SRX Series and MX Series with SPC3 and MS-MPC/MIC, allows an unauthenticated network-based attacker to send specific packets causing traffic loss leading to Denial of...

CVSS 8.7 | AI score 5.8 | EPSS 0.0054
Exploits: 0 | References: 1

Patchstack
added 2024/06/04 2:6 a.m. | 3 views

WordPress Fluid Notification Bar plugin <= 3.2.3 - Authenticated (Admin+) Stored Cross-Site Scripting vulnerability

Authenticated (Admin+) Stored Cross-Site Scripting vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Fluid Notification Bar versions <= 3.2.3...

CVSS 4.4 | AI score 5.7 | EPSS 0.00288
Exploits: 0 | References: 1 | Affected Software: 1

OSV
added 2024/04/08 11:15 p.m. | 0 views

UBUNTU-CVE-2024-31047

An issue in Academy Software Foundation openexr v.3.2.3 and before allows a local attacker to cause a denial of service (DoS) via the convert function of exrmultipart.cpp...

CVSS 3.3 | AI score 5.8 | EPSS 0.00016
Exploits: 1 | References: 3

CNNVD
added 2024/04/08 12:0 a.m. | 2 views

OpenEXR Security Vulnerability

OpenEXR is an open standard for high dynamic range (HDR) image file formats. A security vulnerability exists in OpenEXR version v.3.2.3 and earlier. An attacker could exploit this vulnerability to cause a denial of service (DoS) via the conversion function in exrmultipart.cpp...

CVSS 3.3 | AI score 6.6 | EPSS 0.00016
Exploits: 1 | References: 2

Vulnrichment
added 2024/01/02 2:49 a.m. | 2 views

CVE-2023-32878

In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992...

AI score 4.3 | EPSS 0.00009
Exploits: 0 | References: 1

Vulnrichment
added 2023/11/16 11:30 a.m. | 8 views

CVE-2023-6174 Out-of-bounds Read in Wireshark

SSH dissector crash in Wireshark 4.0.0 to 4.0.10 allows denial of service via packet injection or crafted capture file...

CVSS 6.3 | AI score 7.4 | EPSS 0.00132
Exploits: 0 | References: 2

Circl
added 2023/08/11 12:16 a.m. | 1 views

CVE-2023-39805

| creationtimestamp | type | source |
|---|---|---|
| 2023-08-11 00:16:11+00:00 | seen | https://t.me/cibsecurity/68257... |

CVSS 9.8 | AI score 8.7 | EPSS 0.00091
Exploits: 0 | References: 1

OSV
added 2023/06/01 5:15 p.m. | 3 views

DEBIAN-CVE-2023-32324

OpenPrinting CUPS is an open source printing system. In versions 2.4.2 and prior, a heap buffer overflow vulnerability would allow a remote attacker to launch a denial of service (DoS) attack. A buffer overflow vulnerability in the function format_log_line could allow remote attackers to cause a DoS ...

CVSS 5.5 | AI score 6.6 | EPSS 0.00148
Exploits: 1 | References: 1

Circl
added 2023/05/15 6:29 p.m. | 2 views

CVE-2023-31618

| creationtimestamp | type | source |
|---|---|---|
| 2023-05-15 18:29:58+00:00 | seen | https://t.me/cibsecurity/64158... |

CVSS 7.5 | AI score 7.2 | EPSS 0.00069
Exploits: 1 | References: 1