EUVD-2026-11901

Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through 1.2.4...

CVE-2026-32391 WordPress SmartFix theme < 1.2.4 - Broken Access Control vulnerability

Missing Authorization vulnerability in linethemes SmartFix smartfix allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects SmartFix: from n/a through 1.2.4...

CVE-2026-22228

An authenticated user with high privileges may trigger a denial‑of‑service condition in TP-Link Archer BE230 v1.2 by restoring a crafted configuration file containing an excessively long parameter. Restoring such a file can cause the device to become unresponsive, requiring a reboot to restore...

CVE-2026-0631

The CVE-2026-0631 issue affects TP-Link Archer BE230 v1.2 (vpn modules) with firmware older than 1.2.4 Build 20251218 rel.70420. It is described as an OS Command Injection that allows an adjacent authenticated attacker to execute arbitrary code, potentially gaining full administrative control and...

PT-2026-5691

A command injection vulnerability may be exploited after the admin's authentication via the configuration backup restoration function of the TP-Link Archer BE230 v1.2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise...

ZimaOS 安全漏洞

ZimaOS is an open source operating system project from IceWhaleTech that aims to provide a lightweight, high-performance, secure operating system environment. A security vulnerability exists in ZimaOS prior to version 1.2.4, which stems from the API endpoint /v21/file in ZimaOS being vulnerable t...

Yaklang Security Vulnerability

Yaklang is an open source programming language designed for network security by the yaklang.io Project. A security vulnerability exists in versions prior to Yaklang 1.2.4-sp1. Attackers can use the vulnerability to obtain sensitive information...

WordPress plugin Themify Portfolio Post 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

SUSE CVE-2017-6820

rcubeutils.php in Roundcube before 1.1.8 and 1.2.x before 1.2.4 is susceptible to a cross-site scripting vulnerability via a crafted Cascading Style Sheets CSS token sequence within an SVG element...

CVE-2022-2128

Unrestricted Upload of File with Dangerous Type in GitHub repository polonel/trudesk prior to 1.2.4...

PT-2022-14454 · Unknown · Polonel/Trudesk

Name of the Vulnerable Software and Affected Versions: polonel/trudesk versions prior to 1.2.4 Description: The issue concerns the incorrect use of privileged APIs in the GitHub repository polonel/trudesk. Recommendations: For versions prior to 1.2.4, update to version 1.2.4 or later to resolve t...

CVE-2016-1148

Akerun - Smart Lock Robot App for iOS before 1.2.4 does not verify SSL certificates...