23 matches found
CVE-2026-7568
In PHP versions 8.2.* before 8.2.31, 8.3.* before 8.3.31, 8.4.* before 8.4.21, and 8.5.* before 8.5.6, the metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. If a string longer than 2,147,483,647 bytes is passed, a signed...
CVE-2026-6914
Computing the MD5 checksum of a malformed BSON object under specific conditions may cause loss of availability in MongoDB server. This issue affects all MongoDB Server v8.2 versions, all MongoDB Server v8.1 versions, MongoDB Server v8.0 versions prior to 8.0.21, MongoDB Server v7.0 versions prior...
CVE-2026-6914
CVE-2026-6914 : The vulnerability arises from computing the MD5 checksum of a malformed BSON object, potentially causing loss of availability on MongoDB Server. Affected are all MongoDB Server v8.2, all v8.1, v8.0 prior to 8.0.21, and v7.0 prior to 7.0.32. The provided documents do not specify ex...
CVE-2026-33674
PrestaShop versions prior to 8.2.5 and 9.1.0 improperly use the validation framework. The issue is addressed by a fix in 8.2.5 and 9.1.0; no public workarounds are listed. Upgrading to 8.2.5, 9.1.0, or newer versions is recommended. The available documents do not provide exploit details or in-the...
CVE-2026-25597
PrestaShop is an open source e-commerce web application. Prior to 8.2.4 and 9.0.3, there is a time-based user enumeration vulnerability in the user authentication functionality of PrestaShop. This vulnerability allows an attacker to determine whether a customer account exists in the system by...
EUVD-2025-202133
Cross-Site Request Forgery (CSRF) vulnerability in Saad Iqbal Quick Contact Form (quick-contact-form) allows Cross Site Request Forgery. This issue affects Quick Contact Form: from n/a through = 8.2.5...
WordPress WP Visitor Statistics (Real Time Traffic) Plugin <= 8.2 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting (XSS) Vulnerability discovered by Peter Thaleikis in WordPress Plugin WP Visitor Statistics (Real Time Traffic) versions <= 8.2...
Linux Distros Unpatched Vulnerability : CVE-2024-20961
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Optimizer. Supported versions that are affected are 8.0.35 and prior and 8.2.0 and...
WordPress CartBounty plugin <= 8.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery (CSRF) vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin CartBounty – Save and recover abandoned carts for WooCommerce versions <= 8.2...
QEMU Security Vulnerability
QEMU Quick Emulator is a suite of simulation processor software by Fabrice Bellard, an individual developer in France. The software is fast and cross-platform. A security vulnerability exists in QEMU versions 8.2.3 and 9.0.0, which stems from a flaw found in QEMU in the Virtio PCI binding...
Pegasystem PEGA Platform Security Vulnerability
Pegasystem PEGA Platform is a suite of application development platforms from the US-based Pegasystem. The platform is used to develop applications such as BPM Business Process Management, Case Management, Real-Time Decision Making and CRM Customer Relationship Management. A security vulnerabilit...
PT-2023-20261 · WordPress · Rextheme Wp Vr – 360 Panorama/Virtual Tour Builder
Name of the Vulnerable Software and Affected Versions: Rextheme WP VR – 360 Panorama and Virtual Tour Builder For WordPress plugin versions = 8.2.7 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user...
PT-2023-2473 · Php +10 · Php +10
Name of the Vulnerable Software and Affected Versions: PHP versions 8.0.0 through 8.0.27 PHP versions 8.1.0 through 8.1.15 PHP versions 8.2.0 through 8.2.2 Description: The issue is related to an excessive number of parts in HTTP form upload, which can cause high resource consumption and excessiv...
CVE-2022-33934
Dell PowerScale OneFS, versions 8.2.x through 9.4.x contain multiple stored cross-site scripting vulnerabilities. A remote authenticated malicious user with high privileges may potentially exploit these vulnerabilities to store malicious HTML or JavaScript code through multiple affected fields...
CVE-2021-38969
IBM Spectrum Virtualize 8.2, 8.3, and 8.4 could allow an attacker to allow unauthorized access due to the reuse of support generated credentials. IBM X-Force ID: 212609...
CVE-2022-22550
Dell PowerScale OneFS, versions 8.2.2 and above, contain a password disclosure vulnerability. An unprivileged local attacker could potentially exploit this vulnerability, leading to account take over...
ZZCMS SQL Injection Vulnerability
ZZCMS is a content management system CMS by China Zzcms team. A security vulnerability exists in ZZCMS 8.2, 8.3, 2020, 2021, which originates from a SQL injection when registering a regular user in dl/dlprint.php...
DELL EMC PowerScale Security Vulnerability
Dell EMC PowerScale OneFS is an API-driven file system. An information disclosure vulnerability exists in Dell EMC PowerScale OneFS versions 8.2.-9.2.. The vulnerability stems from improper handling of exception conditions. An attacker could use the vulnerability to obtain information out of...
Unspecified Vulnerability in Oracle Enterprise Session Border Controller
Oracle Enterprise Session Border Controller E-SBC connects disparate Internet Protocol IP communications networks while mitigating security threats, resolving interoperability issues, and ensuring reliable communications. A security vulnerability exists in the File Upload component in Oracle...
Cisco Adaptive Security Appliance Software License Issue Vulnerability
Cisco Adaptive Security Appliances Software (ASA Software) is a set of firewalls and network security platforms from the U.S. company Cisco. The platform provides highly secure access to data and network resources and other features. An authorization issue vulnerability exists in Cisco ASA...