5182 matches found
WordPress plugin B Blocks 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Versions...
PT-2026-28003
Name of the Vulnerable Software and Affected Versions bPlugins B Blocks versions prior to 2.0.30 Description An authorization issue exists in bPlugins B Blocks that allows exploitation of incorrectly configured access control security levels. Recommendations Update bPlugins B Blocks to version...
WordPress B Blocks plugin < 2.0.30 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by w41bu1 in WordPress Plugin B Blocks versions 2.0.30...
Malicious Package
Overview sap-b is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-005551)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005551 advisory. In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential null-ptr-deref in nilfsbtreeinsert Patch series nilfs2: fix potential issue...
keycloak: Incorrect ownership checks in /uma-policy/
A flaw was found in Keycloak. A significant Broken Access Control vulnerability exists in the UserManagedPermissionService UMA Protection API. When updating or deleting a UMA policy associated with multiple resources, the authorization check only verifies the caller's ownership against the first...
CVE-2026-20704
Cross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed...
CVE-2026-22550
OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...
CVE-2026-20704
Cross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed...
CVE-2026-24449
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...
CVE-2026-22550
OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...
CVE-2026-24449
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...
EUVD-2026-5271
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...
CVE-2026-24449
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...
CVE-2026-24449
CVE-2026-24449 affects WRC- X1500GS-B and WRC-X1500GSA-B. The initial passwords can be calculated from system information, indicating weak default credential handling. The available documents confirm affected devices and the easy-recovery of initial passwords; no public details on a fix or update...
CVE-2026-24449
For WRC-X1500GS-B and WRC-X1500GSA-B, the initial passwords can be calculated easily from the system information...
EUVD-2026-5270
OS command injection vulnerability exists in WRC-X1500GS-B and WRC-X1500GSA-B. A crafted request from a logged-in user may lead to an arbitrary OS command execution...
CVE-2026-22550
OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...
CVE-2026-22550
OS command injection vulnerability exists in ELECOM wireless LAN products. A crafted request from a logged-in user may lead to an arbitrary OS command execution...
CVE-2026-20704
Cross-site request forgery vulnerability exists in ELECOM wireless LAN products. If a user accesses a malicious page while logged-in to the affected product, unintended operations may be performed...