24 matches found
2026-06 Dynamic Cumulative Update for Windows 10 Version 21H2 for ARM64-based Systems (KB5094127)
ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...
CVE-2026-5032
The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...
CVE-2026-5032
The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...
CVE-2026-5032
CVE-2026-5032 affects the WordPress plugin W3 Total Cache (versions
CVE-2026-5032 W3 Total Cache <= 2.9.3 - Unauthenticated Security Token Exposure via User-Agent Header
The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...
CVE-2026-5032
The W3 Total Cache plugin for WordPress is vulnerable to information exposure in all versions up to, and including, 2.9.3. This is due to the plugin bypassing its entire output buffering and processing pipeline when the request's User-Agent header contains "W3 Total Cache", which causes raw...
PT-2026-29688
Name of the Vulnerable Software and Affected Versions W3 Total Cache versions up to and including 2.9.3 Description The W3 Total Cache plugin for WordPress is susceptible to information disclosure. The plugin bypasses its output buffering and processing when the User-Agent header contains "W3 Tot...
WordPress plugin W3 Total Cache 信息泄露漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...
EUVD-2021-21090
Malware in sbrugna...
Wing Security SaaS Pulse: Continuous Security & Actionable Insights — For Free
Designed to be more than a one-time assessment— Wing Security's SaaS Pulse provides organizations with actionable insights and continuous oversight into their SaaS security posture—and it's free! Introducing SaaS Pulse: Free Continuous SaaS Risk Management Just like waiting for a medical issue to...
Information Disclosure
mosquitto is vulnerable to Information Disclosure. This vulnerability occurs when the dynamic security plugin is used and a client is revoked the ability to make subscriptions on a topic while it is offline. In this case, the existing subscriptions for that client are not revoked, which allows th...
SUSE CVE-2021-34434
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked...
The vulnerability of the Dynamic Security plugin of the Mosquitto messaging broker allows a hacker to gain access to confidential data.
The vulnerability of the Dynamic Security plugin of the Mosquitto messaging broker is related to improper authentication. Exploiting this vulnerability allows a malicious actor, operating remotely, to gain access to confidential data...
Exploring a New Class of Kernel Exploit Primitive
The security landscape is dynamic, changing often and as a result, attack surfaces evolve. MSRC receives a wide variety of cases spanning different products, bug types and exploit primitives. One particularly interesting primitive we see is an arbitrary kernel pointer read. These often happen whe...
Eclipse Mosquitto License Issue Vulnerability
Eclipse Mosquitto is a set of open source messaging agent software from the Eclipse Foundation. eclipse Mosquitto has a security vulnerability that stems from the fact that in Eclipse mosquito versions 2.0 through 2.0.11, when using the dynamic security plugin, if a client is unsubscribed from a...
CVE-2021-34434
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked...
CVE-2021-34434
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked...
Design/Logic Flaw
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked...
UBUNTU-CVE-2021-34434
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked...
CVE-2021-34434
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked...