20857 matches found
PT-2026-49518
Unauthenticated SQL Injection in eCommerce Product Catalog = 3.5.5 versions...
PT-2026-49467
Unauthenticated Other Vulnerability Type in WpEvently = 5.3.3 versions...
PT-2026-49510
Unauthenticated Broken Authentication in Upsell Order Bump Offer for WooCommerce = 3.1.4 versions...
ROS-20260615-73-0042
The vulnerability of the persistentcachereadentryv3 function in the RDP client FreeRDP is related to buffer overflow in dynamic memory. Exploiting this vulnerability could allow an attacker to compromise the integrity and accessibility of protected information...
PT-2026-49449
Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...
PT-2026-49442
Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...
PT-2026-49392
Unauthenticated Cross Site Scripting XSS in Paid Member Subscriptions = 2.17.3 versions...
PT-2026-49377
Name of the Vulnerable Software and Affected Versions ShortPixel Image Optimizer versions prior to 6.4.4 Description PHP Object Injection occurs in the software. This issue allows an attacker to inject malicious objects into the application, which can lead to unauthorized code execution or other...
PT-2026-49434
Unauthenticated SQL Injection in wpForo Forum = 3.0.4 versions...
PT-2026-49407
Unauthenticated Cross Site Scripting XSS in Notification for Telegram = 3.5 versions...
PT-2026-49488
Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...
PT-2026-49445
Subscriber Broken Access Control in Classified Listing = 5.3.9 versions...
PT-2026-49422
Unauthenticated Broken Authentication in ReviewX = 2.3.6 versions...
PT-2026-49288
Name of the Vulnerable Software and Affected Versions OpenSIPS Control Panel versions prior to 9.3.3 Description A Time-Based Blind SQL Injection in the alias management module allows authenticated attackers to execute arbitrary SQL commands. This occurs via the 'table' GET parameter in the 'alia...
PT-2026-49479
Unauthenticated Cross Site Scripting XSS in MW WP Form = 5.1.3 versions...
Security update for cyrus-imapd (important)
openSUSE Security Update: Security update for cyrus-imapd Announcement ID: openSUSE-SU-2026:0204-1 Rating: important References: 1241536 1241543 1246165 1251788 Cross-References: CVE-2025-23394 CVE-2025-49812 CVSS scores: CVE-2025-49812 SUSE: 8.3...
python311-tornado6-6.5.7-1.1 on GA media (moderate)
python311-tornado6-6.5.7-1.1 on GA media Announcement ID: openSUSE-SU-2026:11027-1 Rating: moderate Cross-References: CVE-2026-49853 CVE-2026-49854 CVE-2026-49855 Affected Products: openSUSE Tumbleweed An update that solves 3 vulnerabilities can now be installed. Description: These are all securi...
python311-paramiko-5.0.0-1.1 on GA media (moderate)
python311-paramiko-5.0.0-1.1 on GA media Announcement ID: openSUSE-SU-2026:11025-1 Rating: moderate Cross-References: CVE-2018-1000805 CVE-2018-7750 CVE-2026-44405 CVSS scores: CVE-2018-1000805 SUSE : 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2018-7750 SUSE : 10...
CVE-2026-12197
The CVE-2026-12197 affects Ruijie EG105G-P (firmware 2.340). The issue resides in the nslookup function of /cgi-bin/luci/api/diagnose (JSON-RPC Diagnose Endpoint), where manipulating the params.target argument leads to command injection. It enables remote initiation of an attack, with an exploit ...
CVE-2026-54413
creationtimestamp| type| source ---|---|--- 2026-06-14 19:57:59+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mobkka4mwn22 2026-06-14 20:00:31+00:00| seen| https://infosec.exchange/users/offseq/statuses/116750236419774889 2026-06-14 20:00:33+00:00| seen|...