MINI-QM66-V7CJ-V2R9

Bulletin has no description...

Exploit for Deserialization of Untrusted Data in Presstigers Simple_Job_Board

CVE-2024-1813 - Simple Job Board ≤ 2.11.0 WordPress - Unauth...

WordPress Simple Job Board - Unauthorized Data Access

The Simple Job Board plugin for WordPress is vulnerable to unauthorized data access due to insufficient authorization checking in the fetchquickjob function in all versions up to and including 2.10.8. This makes it possible for unauthenticated attackers to fetch arbitrary posts, which can be...

WordPress Support Board plugin < 3.8.9 - Privilege Escalation vulnerability

Privilege Escalation vulnerability discovered by Phat RiO in WordPress Plugin Support Board versions 3.8.9...

CVE-2026-46128

The CVE covers a Linux kernel IPMI issue where event message buffer data size was only validated later in processing instead of immediately after the response. Some BMCs may return an empty message rather than signaling an error when fetching events. The available connected documents indicate thi...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: Staging: For gpib, a bug was fixed where an unset padding field was copied back to the user space. The introduction of a padding field in the gpibboardinfoioctl function appears as initialized data on the stack frame that is copi...

Astra Linux - уязвимость в linux-5.10, linux

In the Linux kernel, the following vulnerability has been resolved: media: usb: go7007: s2250-board: fix leak in probe Call i2cunregisterdeviceaudio on this error path...

Astra Linux - уязвимость в linux-5.10

In the Linux kernel, the following vulnerability has been resolved: ARM: In the dts section, for the qcom device, replace the gcc PXO parameter with pxoboard fixed clock. Replace the gcc PXO handle with pxoboard fixed clock, which is declared in the dts file. The gcc driver does not provide PXOSR...

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerabilities have been resolved: Bluetooth: qca – fixed an issue where information was leaked when retrieving the board ID. A missing sanity check was added when retrieving the board ID to prevent the leakage of slab data when requesting the firmware later...

@antv/lite-insight (>=2.1.0 <=2.1.1), @antv/narrative-text-editor (>=0.1.1 <=0.2.20) +3 more potentially affected by unknown CVE via @antv/narrative-text-schema (>=0.1.5 <=0.3.7)

@antv/narrative-text-schema NPM version =0.1.5, =2.1.0, =0.1.1, =0.1.6, =2.0.0, =0.1.0-alpha.16, =0.1.0-alpha.22 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4073...

@antv/smart-board (>=2.0.0 <=2.1.0-alpha.0) potentially affected by unknown CVE via @antv/lite-insight (=2.1.1)

@antv/lite-insight NPM version =2.1.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/lite-insight and may be impacted: - @antv/smart-board =2.0.0, =2.1.0-alpha.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-4066...

@antv/auto-chart (>=2.0.0 <=2.1.0-alpha.0), @antv/chart-advisor (>=2.0.0 <=2.1.0-alpha.1) +4 more potentially affected by unknown CVE via @antv/data-wizard (>=2.0.4 <=2.1.0-alpha.5)

@antv/data-wizard NPM version =2.0.4, =2.0.0, =2.0.0, =1.2.0-beta.0, =2.0.0, =2.0.0, =0.0.1, =0.1.0-beta.57 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3869...

@antv/auto-chart (>=2.0.0 <=2.0.5-alpha.0), @antv/chart-advisor (>=2.0.4 <=2.0.5-alpha.0) +1 more potentially affected by unknown CVE via @antv/data-samples (=1.0.1)

@antv/data-samples NPM version =1.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on @antv/data-samples and may be impacted: - @antv/auto-chart =2.0.0, =2.0.4, =2.0.4, =2.0.5-alpha.0 Source cves: unknown CVE Source advisory: OSV:MAL-2026-3867...

bleak

BLEAK — Bluetooth Link Exploitation & Attack Knowledgebase...

CVE-2026-6225

The Taskbuilder – Project Management & Task Management Tool With Kanban Board plugin for WordPress is vulnerable to time-based blind SQL Injection via the 'projectsearch' parameter in all versions up to, and including, 5.0.6 due to insufficient escaping on the user supplied parameter and lack of...

CVE-2020-37222

Kuicms Php EE 2.0 is affected by a persistent cross-site scripting (XSS) vulnerability. The issue allows unauthenticated attackers to inject arbitrary scripts by submitting crafted content through the bbs reply endpoint (POST to /web/?c=bbs&a=reply) with HTML/JavaScript payloads in the content pa...

CVE-2026-44341

GoJobs is a REST API for a Job Board platform. The application exposes a job retrieval endpoint that allows unauthenticated users to access job details by directly manipulating object identifiers. The endpoint lacks proper authentication and authorization checks, resulting in unauthorized access ...

EUVD-2026-29445

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

CVE-2026-8072 Insecure generation of SAT access credentials in Ingecon EMS Board

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...

CVE-2026-8072

Insecure generation of credentials in the local SAT Technical Support access functionality of the Ingecon Sun EMS Board. The vulnerability arose because the secret access credentials were not based on a secure cryptographic scheme, but rather on a weak hashing algorithm, which could allow an...