9767 matches found
EUVD-2026-32510
Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation...
CVE-2026-48918
Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default...
EUVD-2026-32509
Jenkins Active Directory Plugin 2.41 and earlier follows LDAP referrals by default...
CVE-2026-48918
Technical details about CVE-2026-48918 are not publicly available in the provided documents; monitor for updates from official advisories (e.g., Jenkins security notices) for new information.
CVE-2026-48919
CVE-2026-48919 affects Jenkins’ Active Directory Plugin (2.41 and earlier). The root cause is that the plugin deserializes data from LDAP referrals without validation. This leads to potential impact on confidentiality, integrity, and availability (CVSS v3.1 base score 6.6, MEDIUM). The exploitati...
CVE-2026-48919
Jenkins Active Directory Plugin 2.41 and earlier deserializes data from LDAP referrals without validation...
EUVD-2026-32502
libusb before version 1.0.30 contains a NULL pointer dereference vulnerability that allows attackers to crash applications by supplying a malformed USB configuration descriptor where an interface claims bNumEndpoints greater than zero but is followed by a class-specific descriptor whose bLength...
EUVD-2026-32458
In the Linux kernel, the following vulnerability has been resolved: KVM: nSVM: Raise UD if unhandled VMMCALL isn't intercepted by L1 Explicitly synthesize a UD for VMMCALL if L2 is active, L1 does NOT want to intercept VMMCALL, nestedsvml2tlbflushenabled is true, and the hypercall is something...
CVE-2026-46065 fbdev: defio: Disconnect deferred I/O from the lifetime of struct fb_info
In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fbinfo Hold state of deferred I/O in struct fbdeferrediostate. Allocate an instance as part of initializing deferred I/O and remove it only after the final mapping...
EUVD-2026-32447
In the Linux kernel, the following vulnerability has been resolved: fbdev: defio: Disconnect deferred I/O from the lifetime of struct fbinfo Hold state of deferred I/O in struct fbdeferrediostate. Allocate an instance as part of initializing deferred I/O and remove it only after the final mapping...
CVE-2026-42761
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...
Identity Exposure Management: Why It Matters
Millions of corporate credentials leak onto the public internet every single week. These exposed credentials act as open doors for threat actors looking to breach hybrid networks. When security teams rely only on legacy tools, they remain blind to these silent entry points. Book a HivePro demo to...
Company bragged phone mics could listen to conversations. They couldn’t.
A media company and two of its marketing partners have been fined for selling a service which, they said, listened in to people's conversations through their phones. Actually they did nothing of the sort. Most people have worried at some point that their phone has been listening to them through t...
CVE-2026-42761 WordPress Active Products Tables for WooCommerce plugin <= 1.0.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...
CVE-2026-42761
The CVE concerns WordPress plugin Profit Products Tables for WooCommerce (RealMag777)
CVE-2026-42761 WordPress Active Products Tables for WooCommerce plugin <= 1.0.9 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...
CVE-2026-42727 WordPress Active Products Tables for WooCommerce plugin <= 1.0.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...
CVE-2026-42727 WordPress Active Products Tables for WooCommerce plugin <= 1.0.8 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in RealMag777 Active Products Tables for WooCommerce profit-products-tables-for-woocommerce allows Blind SQL Injection.This issue affects Active Products Tables for WooCommerce: from n/a through = 1.0...
CVE-2026-42727
CVE-2026-42727 affects the WordPress plugin Profit-Products-Tables-for-WooCommerce (Active Products Tables for WooCommerce) ≤ 1.0.8. The root cause is improper neutralization of special elements used in SQL commands, enabling Blind SQL Injection. The impact is described as Blind SQL Injection; no...
CVE-2025-66592
An origin validation error vulnerability in Synology Active Backup for Business Agent before 3.1.0-4967 allows local users to write arbitrary files with restricted content and conduct denial-of-service during installation...