6104 matches found
WordPress Plugin 'LA Studio Element Kit for Elementor' < 1.6.0 Unauthenticated Privilege Escalation via Backdoor
The WordPress application running on the remote host has a version of the 'LA Studio Element Kit for Elementor' plugin that is prior to 1.6.0. It is, therefore, affected by an unauthenticated privilege escalation vulnerability. The plugin contains a backdoor that allows unauthenticated attackers ...
php: heap-based buffer overflow in array_merge()
A flaw was found in PHP. A heap-based buffer overflow occurs in the arraymerge function when the total element count of packed arrays exceeds the 32-bit limit or the internal HTMAXSIZE due to an integer overflow in the precomputation of element counts using the zendhashnumelements function, causi...
BIT-DOTNET-SDK-2026-21218 .NET Spoofing Vulnerability
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network...
CVE-2026-1793
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793 Element Pack Addons for Elementor <= 8.3.17 - Authenticated (Contributor+) Arbitrary File Read
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793 Element Pack Addons for Elementor <= 8.3.17 - Authenticated (Contributor+) Arbitrary File Read
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
EUVD-2026-5833
The Element Pack Addons for Elementor plugin for WordPress is vulnerable to arbitrary file reads in all versions up to, and including, 8.3.17 via the SVG widget and a lack of sufficient file validation in the 'rendersvg' function. This makes it possible for authenticated attackers, with...
CVE-2026-1793
The CVE-2026-1793 entry concerns the Element Pack Addons for Elementor plugin for WordPress. All versions up to and including 8.3.17 are vulnerable via the SVG widget due to insufficient file validation in the render_svg function, enabling authenticated attackers with contributor-level access or ...
WordPress plugin Element Pack Addons for Elementor 路径遍历漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that extends the...
Linux kernel 安全漏洞
The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper parsing of the TID-To-Link Mapping element, potentially leading to out-of-bounds reads...
CVE-2026-24044
Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a logical error in the reverse generation mask check logic within the nftmapcatchallactivate...
CVE-2026-24044
Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...
CVE-2026-24044
Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...
Element Server Suite 安全漏洞
Element Server Suite is a community edition of the Element open-source server suite. There are security vulnerabilities in Element Server Suite Community Edition ESS Community, which stem from an insecure method for generating Matrix server keys. This could allow network attackers to recreate the...
Linux Distros Unpatched Vulnerability : CVE-2026-21218
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network. CVE-2026-21218 Note that Nessus relies ...
CVE-2026-21218
Improper handling of missing special element in .NET allows an unauthorized attacker to perform spoofing over a network...
Improper Handling of Missing Special Element
Overview Affected versions of this package are vulnerable to Improper Handling of Missing Special Element in DecodeUnprotectedBucket in CoseMessage.cs. An attacker can gain unauthorized access or manipulate data by supplying a malicious payload that bypasses security mechanisms. Remediation...