CVE-2026-20767

Improper input validation for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable escalation of privilege...

WordPress Granola theme <= 1.13 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Bonds in WordPress Theme Granola versions = 1.13...

CVE-2026-20881

Divide by zero for some IntelR QAT software drivers for Windows before version 1.13 within Ring 3: User Applications may allow a denial of service. Unprivileged software adversary with an authenticated user combined with a low complexity attack may enable denial of service. This result may...

CVE-2026-20793

CVE-2026-20793 concerns some Intel(R) QAT software drivers for Windows prior to version 1.13. The root cause is an unchecked return value in Ring 3 (User Applications), which may allow a local, low-complexity attack by an authenticated, unprivileged user to cause a denial of service. Impact is li...

CVE-2026-43504

An issue was discovered in Prosody before 0.12.6 and 1.0.0 through 13.0.0 before 13.0.5, when modproxy65 is enabled. Because modproxy65 mishandles access control in a paused scenario, relaying of unauthenticated traffic can occur...

CVE-2025-70027

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This allows attackers to obtain sensitive information...

EUVD-2025-208435

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity 4.19 was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4...

PT-2026-24103

Name of the Vulnerable Software and Affected Versions Sunbird-Ed SunbirdEd-portal version 1.13.4 Description The software contains an issue related to inefficient regular expression complexity. The complexity of the regular expressions may lead to performance issues. Recommendations Update...

CVE-2026-26023

CVE-2026-26023 affects Dify’s web chat frontend when using echarts prior to version 1.13.0, enabling a client-side DOM XSS via inputs containing a specific JavaScript payload. The vulnerability, exploitable with network access and passive user interaction, has no confidentiality/integrity/availab...

[SECURITY] Fedora 43 Update: rust-rbw-1.13.2-5.fc43

Unofficial Bitwarden CLI...

Edimax EW-7438RPn 跨站请求伪造漏洞

The Edimax EW-7438RPn is a wireless signal extender produced by Edimax Corporation of Taiwan, China. Version 1.13 of the Edimax EW-7438RPn contains a cross-site request forgeing vulnerability. This vulnerability stems from a cross-site request forgeing flaw in the MAC filtering configuration...

CVE-2023-25068

Missing Authorization vulnerability in Mapro Collins Magazine Edge allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Magazine Edge: from n/a through 1.13...

WordPress BERTHA AI plugin <= 1.13 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin BERTHA AI versions = 1.13...

EUVD-2025-32704

A vulnerability was detected in jakowenko double-take up to 1.13.1. The impacted element is the function app.use of the file api/src/app.js of the component API. The manipulation of the argument X-Ingress-Path results in cross site scripting. The attack can be executed remotely. Upgrading to...

WordPress Chakra Theme <= 1.13.0 - Local File Inclusion Vulnerability

Local File Inclusion Vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Chakra versions = 1.13.0...

CVE-2025-7482

A vulnerability was found in PHPGurukul Vehicle Parking Management System 1.13. It has been declared as critical. This vulnerability affects unknown code of the file /users/print.php. The manipulation of the argument vid leads to sql injection. The attack can be initiated remotely. The exploit ha...

PT-2023-30783 · WordPress · Edoc Employee Job Application

Name of the Vulnerable Software and Affected Versions: eDoc Employee Job Application – Best WordPress Job Manager for Employees versions 1.13 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allo...

PT-2023-30145 · Jenkins · Jenkins Edgewall Trac Plugin +1

Name of the Vulnerable Software and Affected Versions: Jenkins Edgewall Trac Plugin versions 1.13 and earlier Description: The issue results in a stored cross-site scripting XSS vulnerability because the Trac website URL on the build page is not escaped. This vulnerability is exploitable by...

D-Link DAP-2660 安全漏洞

The D-Link DAP-2660 is a wireless device from China AUO D-Link. A security vulnerability exists in D-Link DAP-2660 v1.13, which stems from a buffer overflow vulnerability in the parameter fipv6enable. An attacker can exploit the vulnerability by designing a POST request...