661 matches found
2026-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems (KB5099535)
2026-07 Cumulative Update for Windows 10 Version 1607 for x64-based Systems KB5099535...
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 (KB5102205)
2026-07 Security and Quality Rollup for .NET Framework 3.5, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 R2 for x64 KB5102205...
2026-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 for x64 (KB5102202)
2026-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Windows 10 Version 21H2 for x64 KB5102202...
2026-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 (KB5102206)
2026-07 Cumulative Update for .NET Framework 3.5, 4.8 and 4.8.1 for Microsoft server operating system version 21H2 for x64 KB5102206...
July 14, 2026-KB5101000 Cumulative Update for .NET Framework 3.5 and 4.8.1 for Windows 10 Version 21H2 and Windows 10 Version 22H2
None None...
July 14, 2026-KB5101008 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10, version 1809 and Windows Server 2019
None None...
July 14, 2026-KB5101010 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows Server 2022
None None...
July 14, 2026-KB5101006 Cumulative Update for .NET Framework 3.5 and 4.8 for Windows 10 Version 21H2 and Windows 10 Version 22H2
None None...
WordPress WP Customer Area plugin <= 8.3.5 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin WP Customer Area versions = 8.3.5...
EUVD-2026-41469
The Cookie Banner for GDPR / CCPA – WPLP Cookie Consent plugin for WordPress is vulnerable to generic SQL Injection via the 's' parameter in all versions up to, and including, 4.3.5 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL...
PT-2026-55053
Name of the Vulnerable Software and Affected Versions WPIDE – File Manager & Code Editor versions prior to 3.5.7 Description An unauthenticated Cross Site Request Forgery CSRF issue exists. CSRF is a flaw that allows an attacker to trick a victim into performing actions they did not intend to do ...
CVE-2026-6953
CVE-2026-6953 describes an HTML injection in Intermark IT's WebControl CMS v3.5. The vulnerability allows an attacker to send HTML-containing content to a victim via the contact form by crafting a request to /processContact.do with parameters such as nombreApellidos, dirección, and comentarios. A...
EUVD-2026-38425
Totolink EX1200L router is vulnerable to Buffer Overflow in the login functionality in cgi-bin/cstecgi.cgi endpoint. This vulnerability could be exploited to cause the program to crash and to execute code remotely. This allows the attacker to perform actions as root including reading and editing...
CVE-2026-48997
e107 is a content management system CMS. Versions 2.3.5 and earlier contain a command injection vulnerability in the ImageMagick resize destination path. In resizeimage, the source path is escaped with escapeshellarg, but the destination path is inserted inside raw double quotes in the convert...
CVE-2026-22339
Unauthenticated Cross Site Scripting XSS in WPJobster = 6.3.5 versions...
CVE-2026-35327
creationtimestamp| type| source ---|---|--- 2026-06-16 21:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1923 2026-06-17 05:31:59+00:00| seen| https://www.acn.gov.it/portale/w/critical-patch-update-di-oracle-8...
CVE-2026-35319
Technical details for CVE-2026-35319 are not provided in the supplied documents; no affected products, versions, or exploit information are disclosed here. Monitor for updates.
CVE-2026-35282
Technical details for CVE-2026-35282 are not publicly provided in the supplied documents. Monitor for updates from Oracle security alerts and CVE records.
PT-2026-49518
Unauthenticated SQL Injection in eCommerce Product Catalog = 3.5.5 versions...
CVE-2026-47260
Koel is a free, open-source music streaming solution. Prior to version 9.3.5, Koel validates the podcast feed URL via the SafeUrl rule DNS resolution + public IP check, but the individual episode values extracted from the RSS XML are stored directly into the database without any SSRF validation...