33550 matches found
EUVD-2026-43596
SAP Change and Transport System Attach Tool ctsattach allows an authenticated attacker to supply a specially crafted archive file which, when processed by the application�s library, can trigger insecure deserialization and lead to remote code execution RCE on the system. Successful exploitation...
EUVD-2026-43284
The User Registration & Membership WordPress plugin before 5.2.2 does not perform an authorization check on a membership-upgrade action and derives the user to modify from a caller-supplied identifier instead of the current user, allowing any authenticated user such as a subscriber to change...
CVE-2026-11963
The User Registration & Membership WordPress plugin before 5.2.2 does not perform an authorization check on a membership-upgrade action and derives the user to modify from a caller-supplied identifier instead of the current user, allowing any authenticated user such as a subscriber to change...
WordPress Frontend Login and Registration Blocks Plugin 1.0.7 - Privilege Escalation
Privilege escalation vulnerability exists in the Frontend Login and Registration Blocks plugin for WordPress versions = 1.0.7. An unauthenticated attacker can exploit the AJAX endpoint flrblocksusersettingshandleajaxcallback to change the administrator's email address. Subsequently, the attacker...
Lotus Domino R5 and R6 WebMail - Information Disclosure
Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled which is by default allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and t...
LG LED Assistant - Unauthenticated Password Reset
The /api/changePw endpoint in LG LED Assistant allows unauthenticated password resets when requests are considered to come from localhost. An attacker can spoof the X-Forwarded-For header with value 127.0.0.1 to trigger the behavior and receive a success response. id: CVE-2024-2862 info: name: LG...
LatePoint <= 5.0.11 - SQL Injection
The LatePoint plugin for WordPress is vulnerable to Arbitrary User Password Change via SQL Injection in versions up to, and including, 5.0.11. This is due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible f...
ChangeDetection.io <= v0.50.33 - Stored XSS via Watch API
changedetection.io = 0.50.34 contains a stored cross site scripting caused by insufficient security checks in the Watch update API, letting attackers execute arbitrary JavaScript when users preview malicious links, exploit requires user interaction id: CVE-2025-62780 info: name: ChangeDetection.i...
Nokri – Job Board WordPress Theme <= 1.6.2 - Unauthenticated Arbitrary Password Change
The Nokri – Job Board WordPress Theme theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 1.6.2. This is due to the plugin not properly checking for an empty token value prior updating their details like password. This makes it...
WordPress Select All Categories and Taxonomies <1.3.2 - Cross-Site Scripting
WordPress Select All Categories and Taxonomies plugin before 1.3.2 contains a cross-site scripting vulnerability. The settings page of the plugin does not properly sanitize the tab parameter before outputting it back. An attacker can inject arbitrary script in the browser of an unsuspecting user ...
WordPress Automatic Plugin - Unauthenticated Options Change
WordPress Automatic Plugin versions 3.53.2 and below contains a critical vulnerability that allows unauthenticated users to change arbitrary WordPress options through the processform.php script. The vulnerable script uses updateoption on all POST parameters without authentication or capability...
Important: Red Hat Security Advisory: xorg-x11-server-Xwayland security update
An update for xorg-x11-server-Xwayland is now available for Red Hat Enterprise Linux 8.8 Update Services for SAP Solutions and Red Hat Enterprise Linux 8.8 Telecommunications Update Service. Red Hat Product Security has rated this update as having a security impact of Important. A Common...
xorg-x11-server: xorg-x11-server-Xwayland: xorg-x11-server: out-of-bounds read/write in GLX ChangeDrawableAttributes
An out-of-bounds read flaw was found in the X.Org X server and Xwayland in glXDispChangeDrawableAttributes. A wrong size validation check can read a client-controlled number of bytes, exceeding the request buffer, leading to information disclosure. A write path also exists but requires byte-swapp...
CVE-2026-56308 Capgo - Insufficient Authentication in Email Change Endpoint
Capgo before 12.128.2 allows email address changes without requiring current password re-authentication or verification of the existing email address. An attacker with access to a valid session cookie or authenticated browser can change the account email to gain control of account recovery and...
CVE-2026-56308
Capgo before 12.128.2 contains an insufficient authentication flaw in the email-change endpoint: an attacker with a valid session cookie or authenticated browser can change the account email without re-authenticating the current password or verifying the existing mailbox. This can enable control ...
EUVD-2026-43230
Capgo before 12.128.2 allows email address changes without requiring current password re-authentication or verification of the existing email address. An attacker with access to a valid session cookie or authenticated browser can change the account email to gain control of account recovery and...
CVE-2026-15479
A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function changepasswd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be...
EUVD-2026-43201
A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function changepasswd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be...
CVE-2026-15479
The vulnerability CVE-2026-15479 affects H3C NX15 V100R017. The vulnerable component is the Administrator Password Modification Endpoint, specifically the change_passwd function at /api/login/modify. Manipulating the newPass parameter results in weak password recovery. The issue can be exploited ...
PT-2026-57524
Name of the Vulnerable Software and Affected Versions H3C NX15 version V100R017 Description A flaw exists in the Administrator Password Modification Endpoint within the change passwd function of the '/api/login/modify' endpoint. Remote manipulation of the newPass argument can lead to weak passwor...