Unity Linux 20.1060e / 20.1070e Security Update: SDL (UTSA-2026-017566)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017566 advisory. SDL Simple DirectMedia Layer through 1.2.15 and 2.x through 2.0.9 has a heap-based buffer over-read in IMAADPCMdecode in audio/SDLwave.c. Tenable has extracted the...

Astra Linux - уязвимость в libsdl1.2, libsdl2

In SDLGetRGB in the video/SDLpixels.c file, there is a heap-based buffer over-read issue in versions from 1.2.15 up to 2.x, and from 2.0.9 onwards...

Astra Linux - уязвимость в libsdl1.2, libsdl2

SDL Simple DirectMediaLayer from version 1.2.15 to 2.x, and from version 2.0.9 to 2.0.9, has a heap-based buffer overflow issue in the MSADPCMDecode function within audio/SDLwave.c...

CVE-2026-24550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kaira Blockons blockons allows Stored XSS.This issue affects Blockons: from n/a through = 1.2.19...

CVE-2026-24550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kaira Blockons blockons allows Stored XSS.This issue affects Blockons: from n/a through = 1.2.19...

CVE-2026-24550

CVE-2026-24550 concerns the WordPress Blockons plugin (vulnerable: 1.2.15.

CVE-2026-24550

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kaira Blockons blockons allows Stored XSS.This issue affects Blockons: from n/a through = 1.2.15...

PT-2026-4394

Name of the Vulnerable Software and Affected Versions Kaira Blockons versions through 1.2.15 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts can be stored on...

CVE-2025-69061 WordPress MoveMe theme <= 1.2.15 - Local File Inclusion vulnerability

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes MoveMe moveme allows PHP Local File Inclusion.This issue affects MoveMe: from n/a through = 1.2.15...

PT-2026-4149

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in AncoraThemes MoveMe moveme allows PHP Local File Inclusion.This issue affects MoveMe: from n/a through = 1.2.15...

CVE-2025-14360

Missing Authorization vulnerability in Kaira Blockons blockons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockons: from n/a through = 1.2.19...

CVE-2025-14360 WordPress Blockons plugin <= 1.2.19 - Broken Access Control vulnerability

Missing Authorization vulnerability in Kaira Blockons blockons allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Blockons: from n/a through = 1.2.19...

PT-2026-1738

Name of the Vulnerable Software and Affected Versions Kaira Blockons versions through 1.2.15 Description A missing authorization issue exists in Kaira Blockons. The issue allows access to functionality that is not properly constrained by Access Control Lists ACLs. Recommendations Update Kaira...

WordPress MoveMe theme <= 1.2.15 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme MoveMe versions = 1.2.15...

CVE-2025-14018

CVE-2025-14018 describes an Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura prior to version 1.2.15. The root cause is unquoted configuration/file search paths that can be manipulated to redirect access to libraries. Impact per the sources is high confiden...

CVE-2025-14018 Unquoted Service Path in NetBT Consultancy's e-Fatura

Unquoted Search Path or Element vulnerability in NetBT Consulting Services Inc. E-Fatura allows Leveraging/Manipulating Configuration File Search Paths, Redirect Access to Libraries. This issue affects e-Fatura: before 1.2.15...

EUVD-2022-1657

Malicious code in bioql PyPI...

EUVD-2025-11744

Malicious code in bioql PyPI...

WordPress Credit Card Experience Theme <= 1.2.15 is vulnerable to Local File Inclusion

Software Credit Card Experience Type Theme Vulnerable versions = 1.2.15 Fixed in N/A OWASP Top 10 A3: Injection Classification Local File Inclusion CVE CVE-2025-26592 Patch priority High CVSS severity High 8.1 Developer Claim ownership PSID 660aaadb7556 Credits Tran Nguyen Bao Khanh VCI - VNPT...

CVE-2025-48914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Drupal COOKiES Consent Management allows Cross-Site Scripting XSS.This issue affects COOKiES Consent Management: from 0.0.0 before 1.2.15...