2321 matches found
CVE-2025-54155
An allocation of resources without limits or throttling vulnerability has been reported to affect File Station 5. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...
CVE-2025-57710 Qsync Central
An allocation of resources without limits or throttling vulnerability has been reported to affect Qsync Central. If a remote attacker gains an administrator account, they can then exploit the vulnerability to prevent other systems, applications, or processes from accessing the same type of...
CVE-2025-57710
The CVE-2025-57710 issue affects Qsync Central and is a resource-allocation vulnerability with no throttling. A remote attacker who has an administrator account can exhaust resources, potentially blocking other systems, applications, or processes from accessing the same resource. The root cause i...
CVE-2026-1833 WaMate Confirm <= 2.0.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Phone Number Blocking/Unblocking
The WaMate Confirm – Order Confirmation plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.0.1. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...
CVE-2026-25916
CVE-2026-25916 affects Roundcube Webmail: versions prior to 1.5.13 and prior to 1.6.13 fail to block SVG feImage usage when “Block remote images” is enabled, enabling a DOM-based attack via SVG href/feImage that can bypass remote-image blocking. The exploit path described involves SVG handling wh...
Roundcube Webmail 安全漏洞
Roundcube Webmail is an open-source browser-based IMAP client developed by Roundcube. It supports address book management, information search, spelling checking, and more. Versions of Roundcube Webmail prior to 1.5.13, as well as versions 1.6 through 1.6.13, had security vulnerabilities. These...
CVE-2026-1675
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for...
Roundcube -- Multiple vulnerabilities
The Roundcube project reports: Unspecified CSS injection vulnerability. Remote image blocking bypass via SVG content...
CVE-2026-1675
The CVE-2026-1675 entry concerns the WordPress plugin Advanced Country Blocker. Affects all versions up to 2.3.1 where a predictable default value for the secret bypass key is created during installation and not required to be changed, enabling unauthenticated attackers to bypass the geolocation ...
CVE-2026-1675 Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for...
CVE-2026-1675 Advanced Country Blocker <= 2.3.1 - Unauthenticated Authorization Bypass via Insecure Default Secret Key
The Advanced Country Blocker plugin for WordPress is vulnerable to Authorization Bypass in all versions up to, and including, 2.3.1 due to the use of a predictable default value for the secret bypass key created during installation without requiring users to change it. This makes it possible for...
PT-2026-6896
Name of the Vulnerable Software and Affected Versions Advanced Country Blocker plugin for WordPress versions prior to 2.3.2 Description The Advanced Country Blocker plugin for WordPress is susceptible to an authorization bypass. This is due to the use of a predictable default value for the secret...
io.quarkus/quarkus-rest: Quarkus REST Worker Thread Exhaustion Vulnerability
A flaw was found in the Quarkus REST HTTP layer. This vulnerability allows remote attackers to cause an application level denial of service by repeatedly dropping client connections while response chunks are being transmitted, leading to worker thread exhaustion...
SUSE CVE-2026-23050
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...
CVE-2026-23050
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...
AZL-77139 CVE-2026-23050 affecting package kernel 6.6.126.1-1
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...
CVE-2026-23050
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...
CVE-2026-23050 pNFS: Fix a deadlock when returning a delegation during open()
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...
CVE-2026-23050
CVE-2026-23050 is a Linux kernel issue affecting pNFS: a deadlock when returning a delegation during open(). The provided documents describe a hang in the nfsv4 delegation return path where a state recovery waits for open() to finish delegations. Root cause: delegation return is waiting on a layo...
CVE-2026-23050 pNFS: Fix a deadlock when returning a delegation during open()
In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...