752 matches found
CVE-2026-3300
The CVE-2026-3300 entry applies to the Everest Forms Pro WordPress plugin. Affected component: Calculation Addon’s process_filter() function, which concatenates user-supplied form field values into a PHP code string and passes it to eval() without proper escaping. Root cause: insufficient escapin...
CVE-2026-3300 Everest Forms Pro <= 1.9.12 - Unauthenticated Remote Code Execution via Calculation Field
The Everest Forms Pro plugin for WordPress is vulnerable to Remote Code Execution via PHP Code Injection in all versions up to, and including, 1.9.12. This is due to the Calculation Addon's processfilter function concatenating user-submitted form field values into a PHP code string without proper...
PT-2026-29180
Name of the Vulnerable Software and Affected Versions Everest Forms Pro plugin for WordPress versions up to and including 1.9.12 Description The Everest Forms Pro plugin for WordPress is susceptible to Remote Code Execution via PHP Code Injection. This occurs because the process filter function...
EUVD-2026-14408
A flaw has been found in Shenzhen HCC Technology MPOS M6 PLUS 1V.31-N. This affects an unknown part of the component Cardholder Data Handler. Executing a manipulation can lead to cleartext transmission of sensitive information. The attack requires access to the local network. The attack requires ...
Intel Processors 输入验证错误漏洞
Intel Processors are a series of processors developed by the American company Intel. Intel Processors have a vulnerability related to input validation, which stems from improper input validation and may lead to privilege escalation. System software attackers with privileged access can potentially...
Intel Processors 输入验证错误漏洞
Intel Processors are a series of processors developed by the American company Intel. Intel Processors have a vulnerability related to input validation, which arises from improper input validation and may lead to privilege escalation. System software attackers with privileged access can potentiall...
BIT-MONGODB-2026-1850 An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...
Inefficient Algorithmic Complexity
Overview minimatch is a minimal matching utility. Affected versions of this package are vulnerable to Inefficient Algorithmic Complexity via the matchOne function. An attacker can cause significant delays in processing and stall the event loop by supplying specially crafted glob patterns containi...
bus: fsl-mc: fix use-after-free in driver_override_show()
...
CVE-2026-1850
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...
CVE-2026-1850
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...
UBUNTU-CVE-2026-1850
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...
An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...
CVE-2026-1850
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...
CVE-2026-1850 An authorized user may disable the MongoDB server by issuing a certain type of complex query due to boolean expression simplification
Complex queries can cause excessive memory usage in MongoDB Query Planner resulting in an Out-Of-Memory Crash...
Allocation of Resources Without Limits or Throttling
Overview Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling in the matchpattern function due to inefficient processing of the complex regular expressions. An attacker can cause resource exhaustion by supplying specially crafted input that...
MongoDB Server 安全漏洞
MongoDB Server is an open-source NoSQL database developed by MongoDB, a company based in the United States. This database offers features such as collection-oriented storage, dynamic querying, data replication, and automatic failover. There is a security vulnerability in MongoDB Server, which ste...
CVE-2025-2134
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-2134
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...
CVE-2025-2134
IBM Jazz Reporting Service could allow an authenticated user on the network to affect the system's performance using complicated queries due to insufficient resource pooling...