CVE-2026-6964 Video Conferencing with Zoom <= 4.6.7 - Missing Authorization to Unauthenticated Zoom SDK Credential Exposure via 'get_auth' AJAX Action

The Video Conferencing with Zoom plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.6.7. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for unauthenticated attackers to obtain...

WordPress Video Conferencing with Zoom plugin <= 4.6.7 - Missing Authorization to Unauthenticated Zoom SDK Credential Exposure vulnerability

Missing Authorization to Unauthenticated Zoom SDK Credential Exposure vulnerability discovered by aetta in WordPress Plugin Video Conferencing with Zoom versions = 4.6.7...

CVE-2026-1434

Omega-PSIR is affected by a Reflected XSS vulnerability in the lang parameter. An attacker can craft a malicious URL that, when opened by a user, causes arbitrary JavaScript to execute in the victim’s browser. The issue has a fixed version: 4.6.7. The CVSS data indicates Network attack vector, lo...

CVE-2026-1434

Omega-PSIR is vulnerable to Reflected XSS via the lang parameter. An attacker can craft a malicious URL that, when opened, causes arbitrary JavaScript to execute in the victim’s browser. This issue was fixed in 4.6.7...

CVE-2025-69024

Missing Authorization vulnerability in bizswoop BizPrint print-google-cloud-print-gcp-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects BizPrint: from n/a through = 4.6.7...

CVE-2025-69024

Technical details for CVE-2025-69024 are not provided in the supplied documents; no product/version, exploitation, or remediation specifics are available here—monitor for official updates.

PT-2025-53905

Name of the Vulnerable Software and Affected Versions bizswoop BizPrint versions through 4.6.7 Description An authorization issue exists within bizswoop BizPrint, allowing exploitation due to incorrectly configured access control security levels. This allows unauthorized access. Recommendations...

EUVD-2006-6277

Malware in sbrugna...

EUVD-2023-49370

Malicious code in bioql PyPI...

SUSE CVE-2019-10195

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with...

WordPress YouTube Playlist Player Plugin <= 4.6.7 is vulnerable to Cross Site Scripting (XSS)

Software YouTube Playlist Player Type Plugin Vulnerable versions = 4.6.7 Fixed in 4.6.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-45049 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a841ece82073 Credits yuyudhn Require...

PYSEC-2019-168

A flaw was found in IPA, all 4.6.x versions before 4.6.7, all 4.7.x versions before 4.7.4 and all 4.8.x versions before 4.8.3, in the way that FreeIPA's batch processing API logged operations. This included passing user passwords in clear text on FreeIPA masters. Batch processing of commands with...

MGASA-2017-0326 Updated samba packages fix security vulnerability

Jeffrey Altman, Viktor Dukhovni, and Nicolas Williams discovered that Samba clients incorrectly trusted unauthenticated portions of Kerberos tickets. A remote attacker could use this to impersonate trusted network servers or perform other attacks CVE-2017-11103. The samba package has been updated...

GLSA-200612-12 : F-PROT Antivirus: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200612-12 F-PROT Antivirus: Multiple vulnerabilities F-Prot Antivirus version 4.6.7 fixes a heap-based buffer overflow, an infinite loop, and other unspecified vulnerabilities. Impact : Among other weaker impacts, a remote attacke...

CVE-2006-6294

Multiple unspecified vulnerabilities in FRISK Software F-Prot Antivirus before 4.6.7 have unspecified impact and attack vectors. NOTE: this might be related to CVE-2006-6293, but it is not clear due to the vagueness of the report...