CVE-2026-46249

CVE-2026-46249 (octeontx2-af) describes a fault in the Linux kernel where, during a kexec reboot, the AF state from the old kernel may persist and be misinterpreted by the PF driver if both drivers are built as modules. The PF driver can probe before AF reinitializes hardware; it uses the RVUM bl...

CVE-2025-12821

The NewsBlogger theme for WordPress is vulnerable to Cross-Site Request Forgery in versions 0.2.5.6 to 0.2.6.1. This is due to missing or incorrect nonce validation on the newsbloggerinstallandactivateplugin function. This makes it possible for unauthenticated attackers to upload arbitrary files...

CVE-2009-4851

The activation resend function in the Profiles module in XOOPS before 2.4.1 sends activation codes in response to arbitrary activation requests, which allows remote attackers to bypass administrative approval via a request involving activate.php...

CVE-2025-11587

CVE-2025-11587 refers to the WordPress plugin “Call Now Button – The #1 Click to Call Button for WordPress.” The advisory states a missing capability check in the activate function across all versions up to 1.5.3, allowing authenticated users with Subscriber-level access or higher to modify data ...

Efficient Blockchain-Based Steganography Via Backcalculating Generative Adversarial Network

Blockchain-based steganography enables data hiding via encoding the covert data into a specific blockchain transaction field. However, previous works focus on the specific field-embedding methods while lacking a consideration on required field-generation embedding. In this paper, we propose a...

CVE-2021-37498

CVE-2021-37498 describes a server-side request forgery (SSRF) in the Reprise License Manager (RLM) web interface (up to version 14.2BL4 and prior). The vulnerability allows remote attackers to trigger outbound requests to intranet servers and perform port scanning via the actserver parameter in t...