CVE-2026-33222

A flaw was found in NATS-Server, a high-performance messaging system. This vulnerability allows users with JetStream admin API access to restore data from one stream to unintended stream names. This can lead to unauthorized modification or overwriting of data that should have been protected,...

PT-2025-47662

The ELEX WordPress HelpDesk & Customer Ticketing System plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the eh crm restore data function in all versions up to, and including, 3.3.1. This makes it possible for authenticated attackers, wi...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989340)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989340 advisory. In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes R...

CVE-2024-43437

CVE-2024-43437 affects Moodle and is described in connected sources as a cross-site scripting (XSS) risk caused by insufficient sanitization of data during restoration of backup files. The vulnerability arises when processing malicious backups, enabling XSS. The connected documents (OSV, GHSA, CN...

UBUNTU-CVE-2024-26798

In the Linux kernel, the following vulnerability has been resolved: fbcon: always restore the old font data in fbcondosetfont Commit a5a923038d70 fbdev: fbcon: Properly revert changes when vcresize failed started restoring old font data upon failure of vcresize. But it performs so only for user...

kernel: tcp: add sanity tests to TCP_QUEUE_SEQ

In the Linux kernel, the following vulnerability has been resolved: tcp: add sanity tests to TCPQUEUESEQ Qingyu Li reported a syzkaller bug where the repro changes RCV SEQ after restoring data in the receive queue. mprotect0x4aa000, 12288, PROTREAD = 0 mmap0x1ffff000, 4096, PROTNONE,...

Denial of Service Vulnerability in JeeCMS v8.1 Data Restore Function

JEECMS is Jiangxi Jinlei Technology Development Co., Ltd. developed a support for WeChat small program , WeChat public number / service number , column model , content model cross-customization , as well as with payment and financial settlement of the content of the e-commerce as one of the conte...

PT-2015-3834 · Ibm · Domino +1

Name of the Vulnerable Software and Affected Versions: IBM Tivoli Storage Manager TSM Backup-Archive client versions 5.4 through 5.5 before 5.5.4.4 IBM Tivoli Storage Manager TSM Backup-Archive client versions 5.4.x and 5.5.x on Windows and z/OS IBM Tivoli Storage Manager TSM Backup-Archive clien...

Report: Virus Infects U.S. Military Drones

Wired’s ThreatLevel Blog reported on Friday that a computer virus is plaguing the systems used to remotely control the U.S. military’s fleet of unmanned drone aircraft. According to the report, which is unconfirmed, personnel at Creech Air Force Base in Nevada have been battling the persistent an...

JXCMS 0day generate the cache file when the variable untreated leads directly write WebShell-vulnerability warning-the black bar safety net

By: anonymous he ID called anonymous, the JXCMS 0day, the JXCMS to generate the cache file when the variable untreated leads directly write the WebShell script vulnerability. Fine fast CMS（Jxcms is based on the use of a network already Mature, stable technology PHP+MYSQL development, the use of...