36 matches found
CVE-2026-23416
The CVE-2026-23416 issue affects the Linux kernel (mm/mseal) where vm_area_struct end handling could become stale during VMA merges. The root cause is curr_end not staying in sync when a VMA is updated via vma_modify_flags(), leading to an incorrect curr_start on the next iteration. The fix uncon...
CVE-2025-15118
A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of the file /member/address/update/ of the component Member Endpoint. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has...
EUVD-2025-205491
A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of the file /member/address/update/ of the component Member Endpoint. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has...
CVE-2025-15118
CVE-2025-15118 affects macrozheng mall (up to v1.0.3), specifically the Member Endpoint’s /member/address/update/ path. The underlying issue is improper authorization caused by manipulation of that file, enabling remote exploitation. Public exploit information is noted in multiple sources. Affect...
CVE-2025-15118 macrozheng mall Member Endpoint update improper authorization
A security vulnerability has been detected in macrozheng mall up to 1.0.3. This vulnerability affects unknown code of the file /member/address/update/ of the component Member Endpoint. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The exploit has...
mall authorization issue vulnerability
mall is an e-commerce system for macro individual developers, including frontend mall system and backend management system. An authorization issue vulnerability exists in macrozheng mall 1.0.3 and earlier versions, which stems from incorrect manipulation of the file /member/address/update/, which...
PT-2025-53633
Name of the Vulnerable Software and Affected Versions: macrozheng mall versions up to 1.0.3 Description: A security issue has been identified in macrozheng mall. The issue relates to improper authorization within the Member Endpoint component, specifically affecting unknown code within the...
WordPress Cryptocurrency (Token), Launchpad (Presale), ICO & IDO, Airdrop by TokenICO plugin <= 2.4.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Jonas Benjamin Friedli in WordPress Plugin Cryptocurrency Token, Launchpad Presale, ICO & IDO, Airdrop by TokenICO versions <= 2.4.7...
Service Provider Migration to Unified Veeam Data Cloud FAQ
Below are the most commonly asked questions. What is changing with my Veeam Data Cloud for Microsoft 365 experience? Veeam is transitioning Veeam Cloud Service Providers (VCSPs) and their customers to Veeam Data Cloud, a unified multi-workload interface. This new experience allows you to manage...
EUVD-2024-53596
Malicious code in bioql PyPI...
EUVD-2024-49421
Malicious code in bioql PyPI...
CVE-2025-10014 elunez eladmin Email Address updateEmail updateUserEmail improper authorization
A flaw has been found in elunez eladmin up to 2.7. This impacts the function updateUserEmail of the file /api/users/updateEmail/ of the component Email Address Handler. Executing manipulation of the argument id/email can lead to improper authorization. The attack may be performed from remote...
CVE-2025-20911
Improper access control in semwifi service prior to SMR Mar-2025 Release 1 allows privileged local attackers to update MAC address of Galaxy Watch...
CVE-2025-27579
In Bitaxe ESP-Miner before 2.5.0 with AxeOS, one can use an /api/system CSRF attack to update the payout address aka stratumUser for a Bitaxe Bitcoin miner, or change the frequency and voltage settings...
CVE-2025-27579
CVE-2025-27579 affects Bitaxe ESP-Miner with AxeOS prior to firmware 2.5.0. The issue is a CSRF vulnerability in the /api/system endpoint that allows an attacker to update the payout address (stratumUser) and modify frequency and voltage settings. The impact is limited to the documented changes t...
PT-2025-21185
Name of the Vulnerable Software and Affected Versions: Thunderbird versions prior to 128.10.1 Thunderbird versions prior to 138.0.1 Description: The issue allows sender spoofing if the server permits an invalid From address. For example, if the From header contains an invalid value, Thunderbird...
CVE-2024-57479
H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute arbitrary commands by sending a POST request to /bin/we...