10 matches found
EUVD-2026-27567
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl. When page reassignment was added to af_alg_pull_tsgl, the original loop wasn't updated, so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-43078 crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl
In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - Fix page reassignment overflow in af_alg_pull_tsgl. When page reassignment was added to af_alg_pull_tsgl, the original loop wasn't updated, so it may try to reassign one more page than necessary. Add the check to the...
CVE-2026-33290
WPGraphQL provides a GraphQL API for WordPress sites. Prior to version 2.10.0, an authorization flaw in updateComment allows an authenticated low-privileged user (including a custom role with zero capabilities) to change the moderation status of their own comment (for example, to APPROVE) without the...
CVE-2022-23387
An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field...
CVE-2024-50123 bpf: Add the missing BPF_LINK_TYPE invocation for sockmap
In the Linux kernel, the following vulnerability has been resolved: bpf: Add the missing BPF_LINK_TYPE invocation for sockmap. There is an out-of-bounds read in bpf_link_show_fdinfo for the sockmap link fd. Fix it by adding the missing BPF_LINK_TYPE invocation for sockmap link. Also add comments for...
Cross-site Scripting (XSS)
Overview: johnpbloch/wordpress-core is web software you can use to create a website or blog. Affected versions of this package are vulnerable to Cross-site Scripting (XSS) due to insufficient escaping and sanitization of the values stored during a comment update. An attacker can execute malicious...
Taocms SQL Injection Vulnerability (CNVD-2022-31825)
Taocms is a micro CMS (Content Management System) in China. A SQL injection vulnerability exists in Taocms version 3.0.2, which originates from a lack of validation of externally entered SQL statements in the Comment Update field. An attacker can exploit this vulnerability to execute illegal SQL...
CVE-2022-23387
An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field...
Design/Logic Flaw
An issue was discovered in taocms 3.0.2. This is a SQL blind injection that can obtain database data through the Comment Update field...
Taocms SQL Injection Vulnerability
Taocms is a micro CMS (Content Management System) in China. A SQL injection vulnerability exists in Taocms version 3.0.2, which originates from a lack of validation of externally entered SQL statements in the Comment Update field. An attacker can exploit this vulnerability to execute illegal SQL...