86 matches found
CVE-2026-37579
An issue in SMSGate sms-core=2.1.13.6 allows a remote attacker to execute arbitrary code via the Cmpp7FDeliverRequestMessageCodec.java component...
CVE-2026-37579
An issue in SMSGate sms-core=2.1.13.6 allows a remote attacker to execute arbitrary code via the Cmpp7FDeliverRequestMessageCodec.java component...
PT-2026-44371
An issue in SMSGate sms-core=2.1.13.6 allows a remote attacker to execute arbitrary code via the Cmpp7FDeliverRequestMessageCodec.java component...
CVE-2026-5426
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks...
EUVD-2026-23271
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks...
CVE-2026-5426
Hard-coded ASP.NET/IIS machineKey value in Digital Knowledge KnowledgeDeliver deployments prior to February 24, 2026 allows adversaries to circumvent ViewState validation mechanisms and achieve remote code execution via malicious ViewState deserialization attacks...
PT-2026-33340
Name of the Vulnerable Software and Affected Versions Digital Knowledge KnowledgeDeliver versions prior to February 24, 2026 Description Hard-coded ASP.NET/IIS machineKey values in standardized web.config files allow unauthenticated remote code execution. Attackers can use these shared keys to...
CVE-2026-23083
In the Linux kernel, the following vulnerability has been resolved: fou: Don't allow 0 for FOUATTRIPPROTO. fouudprecv has the same problem mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, skb is not freed by fouudprecv nor "resubmit"-ted in ipprotocoldeliverrcu. Let's forbid 0 for...
Linux Distros Unpatched Vulnerability : CVE-2026-23083
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - fou: Don't allow 0 for FOUATTRIPPROTO. fouudprecv has the same problem mentioned in the previous patch. If FOUATTRIPPROTO is set to 0, skb is not freed by...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-002243)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002243 advisory. The ioapicdeliver function in virt/kvm/ioapic.c in the Linux kernel through 3.14.1 does not properly validate the kvmirqdeliverytoapic return value, which allows gue...
EUVD-2025-11670
Malicious code in bioql PyPI...
EUVD-2025-30722
Malicious code in bioql PyPI...
CVE-2025-57914
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Nabil Irawan in WordPress Plugin Deliver via Shipos for WooCommerce versions = 3.0.2...
CVE-2025-57914
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
CVE-2025-57914 WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
CVE-2025-57914
CVE-2025-57914 : CSRF flaw in Deliver via Shipos for WooCommerce (Matat Technologies) affects the Deliver via Shipos for WooCommerce plugin up to version 3.0.2. The description confirms a Cross-Site Request Forgery vulnerability, but the provided documents do not supply exploitation details, affe...
CVE-2025-57914 WordPress Deliver via Shipos for WooCommerce plugin <= 3.0.2 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Matat Technologies Deliver via Shipos for WooCommerce wc-shipos-delivery allows Cross Site Request Forgery.This issue affects Deliver via Shipos for WooCommerce: from n/a through = 3.0.2...
WordPress plugin Deliver via Shipos for WooCommerce 跨站请求伪造漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin that provides the ability to host a personal blog site on a PHP and MySQL based server. A cross-site...
PT-2025-38765
Name of the Vulnerable Software and Affected Versions Deliver via Shipos for WooCommerce versions through 3.0.2 Description A Cross-Site Request Forgery CSRF issue exists in Deliver via Shipos for WooCommerce. This allows attackers to perform actions on behalf of authenticated users...