15 matches found
Security Bulletin: A vulnerability has been identified in IBM DevOps Plan that allows a Host Header Injection attack due to improper handling of the Host header in HTTP requests. (CVE-2026-4096)
Summary: A vulnerability has been identified in IBM DevOps Plan that allows a Host Header Injection attack due to improper handling of the Host header in HTTP requests. Version 3.0.7 addresses the vulnerability. Vulnerability Details: CVEID: CVE-2026-4096 DESCRIPTION: IBM DevOps Plan is vulnerable t...
CVE-2026-27071 WordPress WPCafe plugin <= 3.0.7 - Broken Access Control vulnerability
Missing Authorization vulnerability in Arraytics WPCafe wp-cafe allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WPCafe: from n/a through <= 3.0.7...
CVE-2026-25391 WordPress WP Wand plugin <= 1.3.07 - Broken Access Control vulnerability
Missing Authorization vulnerability in WP Grids WP Wand ai-content-generation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Wand: from n/a through <= 1.3.07...
CVE-2025-10740 URL Shortener Plugin For WordPress <= 3.0.7 - Missing Authorization to Authenticated (Subscriber+) Link Manipulation
The URL Shortener Plugin For WordPress plugin for WordPress is vulnerable to unauthorized access to functionality provided by the API due to a missing capability check on the verifyRequest function in all versions up to, and including, 3.0.7. This makes it possible for authenticated attackers, wi...
Linux Distros Unpatched Vulnerability : CVE-2022-3602
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain...
IBM Tivoli Monitoring Security Vulnerability
IBM Tivoli Monitoring is a suite of system monitoring software from International Business Machines (IBM). The software supports detection of system bottlenecks and potential problems, performance monitoring of essential system resources, automatic recovery from critical situations, and more. A...
CVE-2024-49311
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WisdmLabs Edwiser Bridge edwiser-bridge allows Stored XSS. This issue affects Edwiser Bridge: from n/a through = 3.0.7...
CVE-2023-43037 IBM Maximo Application Suite improper access control
IBM Maximo Application Suite 8.11 and 9.0 could allow an authenticated user to perform unauthorized actions due to improper input validation...
Canon Multiple Products Buffer Error Vulnerability
Canon Color imageCLASS is a series of printers from Canon Japan. A security vulnerability exists in several Canon products. The vulnerability can be exploited by an attacker to execute arbitrary code. The following products and versions are affected: Satera LBP670C Series, Satera MF750C Series...
Canon Multiple Products Buffer Error Vulnerability
Canon Color imageCLASS is a series of printers from Canon Japan. A security vulnerability exists in several Canon products. The vulnerability can be exploited by an attacker to execute arbitrary code. The following products and versions are affected: Satera LBP670C Series, Satera MF750C Series...
CVE-2023-32878
In battery, there is a possible information disclosure due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS08308070; Issue ID: ALPS08307992...
CVE-2023-46307
Summary: CVE-2023-46307 affects etcd-browser (build 87ae63d75260). The vulnerability is in server.js and enables a directory traversal by supplying a /../../../ path in the URL in a remote-connection context, allowing retrieval of local operating system files on the remote system. Impact: potenti...
ALPINE-CVE-2022-3602
A buffer overrun can be triggered in X.509 certificate verification, specifically in name constraint checking. Note that this occurs after certificate chain signature verification and requires either a CA to have signed the malicious certificate or for the application to continue certificate...
CVE-2022-29307
creationtimestamp | type | source
---|---|---
2022-05-12 20:42:16+00:00 | seen | https://t.me/cibsecurity/42528...
UBUNTU-CVE-2019-5439
A Buffer Overflow in VLC Media Player 3.0.7 causes a crash which can possibly be further developed into a remote code execution exploit...