CVE-2026-32453

Missing Authorization vulnerability in ThemeFusion Avada Core fusion-core allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Avada Core: from n/a through 5.15.0...

CVE-2026-32454 WordPress Avada Core plugin < 5.15.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in ThemeFusion Avada Core fusion-core allows DOM-Based XSS.This issue affects Avada Core: from n/a through 5.15.0...

WordPress plugin Avada Core 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There wa...

EUVD-2026-5120

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

CVE-2026-22881

Cross-site scripting vulnerability exists in Message function of Cybozu Garoon 5.15.0 to 6.0.3, which may allow an attacker to reset arbitrary users’ passwords...

CVE-2019-20859

An issue was discovered in Mattermost Server before 5.15.0. Login access control can be bypassed via crafted input...

CVE-2025-68398

Weblate is a web based localization tool. In versions prior to 5.15.1, it was possible to overwrite Git configuration remotely and override some of its behavior. Version 5.15.1 fixes the issue...

EUVD-2019-11396

Malware in sbrugna...

Unbreakable Enterprise kernel security update

5.15.0-304.171.4 - Revert 'unicode: Don't special case ignorable code points' Linus Torvalds - Revert 'mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K' Aurelien Jarno - tcp: Fix use-after-free of nreq in reqsktimerhandler. Kuniyuki Iwashima - lib/buildid: Fix build ID parsing logic Jiri...

Unbreakable Enterprise kernel security update

5.15.0-300.163.18.1 - vhost/scsi: null-ptr-dereference in vhostscsigetreq Haoran Zhang Orabug: 37132350...

CVE-2023-36536

Untrusted search path in the installer for Zoom Rooms for Windows before version 5.15.0 may allow an authenticated user to enable an escalation of privilege via local access...

Zoom Rooms 安全漏洞

Zoom Rooms is a software-based conferencing system from Zoom USA. system that allows web conferencing on fixed endpoints, similar to traditional video conferencing systems. A security vulnerability previously existed in Zoom Rooms version 5.15.0, which stemmed from improper access control. It cou...

Zoom Client 安全漏洞

Zoom Client is a video conferencing client application from Zoom USA that supports multiple platforms. A security vulnerability previously existed in Zoom Client version 5.15.0 that stemmed from incorrect input validation. It could allow unauthorized users to achieve privilege escalation via...

CVE-2023-27384

Operation restriction bypass vulnerability in MultiReport of Cybozu Garoon 5.15.0 allows a remote authenticated attacker to alter the data of MultiReport...

Cybozu Garoon 安全漏洞

Cybozu Garoon is a portal-type OA office system from Cybozu Japan. The system provides portal, e-mail, bookmarks, scheduling, bulletin board, document management, and other functions. A security vulnerability exists in Cybozu Garoon version 5.15.0, which can be exploited by attackers to modify...

PT-2023-2934 · Cybozu · Cybozu Garoon

Name of the Vulnerable Software and Affected Versions: Cybozu Garoon version 5.15.0 Description: The issue is related to an operation restriction bypass vulnerability in the MultiReport component of Cybozu Garoon, which is associated with inadequate access control. This vulnerability can be...

Authentication flaw

European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing. The affected versions are 5.15.0 through 6.27.5...

Unbreakable Enterprise kernel security update

5.15.0-5.76.5.1 - proc: procskipspaces shouldn't think it is working on C strings Linus Torvalds Orabug: 34883037 CVE-2022-4378 - proc: avoid integer type confusion in getproclong Linus Torvalds Orabug: 34883037 CVE-2022-4378 5.15.0-5.76.5 - KVM: x86: Use SRCU to protect zap in...