ADB Explorer 安全漏洞

ADB Explorer is a ADB user interface developed by Alex B as an individual developer. Versions of ADB Explorer prior to 0.9.26020 contain security vulnerabilities. These vulnerabilities stem from the lack of verification of the integrity or authenticity of the ADB binary path before execution, whi...

PT-2026-21279

ADB Explorer is a fluent UI for ADB on Windows. Versions 0.9.26020 and below have an unvalidated command-line argument that allows any user to trigger recursive deletion of arbitrary directories on the Windows filesystem. ADB Explorer accepts an optional path argument to set a custom data...

ADB Explorer 安全漏洞

ADB Explorer is a ADB user interface developed by Alex B as an individual developer. Versions of ADB Explorer prior to 0.9.26020 contain security vulnerabilities, which stem from unvalidated command-line parameters and could lead to recursive deletion of directories...

CVE-2026-26959

Affected software : ADB Explorer (Windows). Vulnerability : Versions ≤ 0.9.26020 fail to validate the integrity/authenticity of the ADB binary path specified in the ManualAdbPath setting before execution, enabling arbitrary code execution with the user’s privileges. An attacker can craft a malici...

CVE-2025-11725

The Aruba HiSpeed Cache plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability checks on the multiple functions in all versions up to, and including, 3.0.2. This makes it possible for unauthenticated attackers to modify plugin's configuration settings,...

CVE-2026-2502

The xmlrpc attacks blocker plugin for WordPress is vulnerable to Stored Cross-Site Scripting in versions up to, and including, 1.0, via the 'X-Forwarded-For' HTTP header. This is due to the plugin trusting and logging attacker-controlled IP header data and rendering debug log entries without outp...

CVE-2026-2502

CVE-2026-2502 concerns the WordPress plugin xmlrpc-attacks-blocker (versions up to and including 1.0). The vulnerability is a Stored XSS via the X-Forwarded-For header, caused by trusting attacker-controlled header data and rendering unescaped entries in the debug log. This allows unauthenticated...

CVE-2025-13113

CVE-2025-13113 concerns the WordPress plugin “Web Accessibility by accessiBe.” The issue is an unauthenticated sensitive information exposure caused by the function accessibe_render_js_in_footer() logging the full plugin options array to the browser console on public pages. This output is not res...

CVE-2025-11725

The CVE-2025-11725 entry concerns the Aruba HiSpeed Cache WordPress plugin, affected up to version 3.0.2. The vulnerability arises from missing capability checks in multiple functions, allowing unauthenticated attackers to modify the plugin’s configuration settings and enable/disable features. Im...

SUSE CVE-2026-23219

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...

PT-2026-20574

Name of the Vulnerable Software and Affected Versions Aruba HiSpeed Cache versions up to and including 3.0.2 Description The Aruba HiSpeed Cache plugin for WordPress is susceptible to unauthorized data modification because of absent capability checks in several functions. This allows...

PT-2026-20641

Name of the Vulnerable Software and Affected Versions xmlrpc attacks blocker plugin for WordPress versions prior to 1.1 Description The xmlrpc attacks blocker plugin for WordPress is susceptible to Stored Cross-Site Scripting. This occurs due to the plugin trusting and logging attacker-controlled...

UBUNTU-CVE-2026-23219

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...

CVE-2026-23219 mm/slab: Add alloc_tagging_slab_free_hook for memcg_alloc_abort_single

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...

CVE-2026-23219

CVE-2026-23219 concerns the Linux kernel (mm/slab) where alloc_tagging_slab_free_hook was not invoked in memcg_alloc_abort_single, causing a spurious warning: “alloc_tag was not cleared …” when CONFIG_MEM_ALLOC_PROFILING_DEBUG is enabled. The issue arises because the existing __memcg_slab_post_al...

Linux Distros Unpatched Vulnerability : CVE-2026-23219

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862...

PT-2026-20431

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloc tagging slab free hook for memcg alloc abort single When CONFIG MEM ALLOC PROFILING DEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloc tag w...

CVE-2024-36319

Debug code left active in AMD's Video Decoder Engine Firmware VCN FW could allow a attacker to submit a maliciously crafted command causing the VCN FW to perform read/writes HW registers, potentially impacting confidentiality, integrity and availabilability of the system...

UBUNTU-CVE-2026-23131

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS returns attributes with empty name strings. This causes multiple kerne...

CVE-2026-23131

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kobject warnings for empty attribute names The hp-bioscfg driver attempts to register kobjects with empty names when the HP BIOS returns attributes with empty name strings. This causes multiple kerne...