9 matches found
CVE-2026-8491
Improper Check for Unusual or Exceptional Conditions vulnerability in Drupal Node View Permissions allows Forceful Browsing. This issue affects Node View Permissions: from 0.0.0 before 1.7.0, from 2.0.0 before 2.0.1...
CVE-2026-8491
CVE-2026-8491 involves an improper check in the Drupal Node View Permissions module that permits forceful browsing. Affected are Node View Permissions 0.0.0–1.6.x and 2.0.0–2.0.0, where cancelled users’ content reassigned to anonymous users could be exposed. Remediation: upgrade to 1.7.0 (for 0.0...
Unity Linux 20.1060e / 20.1070e Security Update: linuxptp (UTSA-2026-017411)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017411 advisory. A flaw was found in the ptp4l program of the linuxptp package. When ptp4l is operating on a little-endian architecture as a PTP transparent clock, a remote attacker...
WordPress Lendiz theme < 2.0.1 - Arbitrary File Upload vulnerability
Arbitrary File Upload vulnerability discovered by Tran Nguyen Bao Khanh VCI - VNPT Cyber Immunity in WordPress Theme Lendiz versions 2.0.1...
CVE-2025-13984 Next.js - Critical - Access bypass - SA-CONTRIB-2025-122
Permissive Cross-domain Security Policy with Untrusted Domains vulnerability in Drupal Next.Js allows Cross-Site Scripting XSS.This issue affects Next.Js: from 0.0.0 before 1.6.4, from 2.0.0 before 2.0.1...
Drupal Block Attributes 安全漏洞
Drupal Block Attributes is a configuration interface plugin for the Drupal community. A security vulnerability exists in Drupal Block Attributes versions prior to 1.1.0 and prior to 2.0.1, which stems from improper input neutralization during page generation and could lead to a cross-site scripti...
Drupal Obfuscate module < 2.0.1 - Authenticated Cross Site Scripting (XSS) vulnerability
Authenticated Cross Site Scripting XSS vulnerability discovered by Pierre Rudloff prudloff in WordPress Module Obfuscate versions 2.0.1...
PT-2024-28950
Name of the Vulnerable Software and Affected Versions Fastapi OPA versions prior to 2.0.1 Description The issue allows unauthenticated attackers to discover which entities exist within an application by sending HTTP OPTIONS requests. This is because OpaMiddleware allows all HTTP OPTIONS requests...
Smb4K Local Elevation of Privilege Vulnerability
Smb4K is a set of tools that use Samba software to access SMB/CIFS shares in the local network neighborhood. A security vulnerability exists in versions of Smb4K prior to 2.0.1. A local attacker could exploit this vulnerability to gain root privileges...