26 matches found
CVE-2026-29974
An issue was discovered in kosma minmea 0.3.0. The minmea_scan function's format specifier copies NMEA field data to a caller-provided buffer without a size parameter. Applications using minmea_scan on untrusted input are vulnerable to a stack buffer overflow...
PT-2026-39143
Name of the Vulnerable Software and Affected Versions: kosma minmea version 0.3.0 Description: A stack buffer overflow exists in the minmea scan function. The format specifier within this function copies NMEA field data into a buffer provided by the caller without utilizing a size parameter. This c...
CVE-2026-3642
The e-shot™ form builder plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.0.2. The eshotformbuilderupdatefielddata AJAX handler lacks any capability checks (current_user_can) or nonce verification (check_ajax_referer/wp_verify_nonce). The function is...
Statamic Security Vulnerability
Statamic is a powerful flat-file CMS built using Laravel by Statamic Inc. It allows all content, templates, assets, and settings to be stored in files rather than in a database. There were security vulnerabilities in versions prior to Statamic 5.73.16 and 6.7.2. These vulnerabilities allowed...
DRUPAL-CONTRIB-2025-113
CivicTheme is a design system and theme framework used to build content-rich Drupal websites. It includes editorial workflows, structured content types, and flexible theming components. CivicTheme does not sufficiently filter field data before rendering them in Twig templates. This combined with...
EUVD-2022-1150
Malicious code in bioql PyPI...
Siemens SCALANCE LPE9403 Security Vulnerability
Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing from Siemens. It is used to capture, collect and pre-process industrial field data. A security bypass vulnerability exists in the Siemens SCALANCE LPE9403, which is caused by bypassing authentication. An...
Siemens SCALANCE LPE9403 Operating System Command Injection Vulnerability
Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing from Siemens. It is used to capture, collect and pre-process industrial field data. The SCALANCE LPE9403 6GK5998-3GS00-2AC2 suffers from an operating system command injection vulnerability that originates...
Siemens SCALANCE LPE9403 Elevation of Privilege Vulnerability
Siemens SCALANCE LPE9403 is a local processing engine for industrial field data processing from Siemens. It is used to capture, collect and pre-process industrial field data. An elevation of privilege vulnerability exists in the Siemens SCALANCE LPE9403, which can be exploited by an attacker to...
ForgeRock OpenIDM Security Vulnerability
ForgeRock OpenIDM is an identity management system from ForgeRock USA. A security vulnerability exists in ForgeRock OpenIDM that stems from improper input validation of query search results for private field data, allowing an attacker to cause an information disclosure through the use of...
BIT-DRUPAL-2020-13676
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
WordPress theme Divi security vulnerability
WordPress is a blogging platform developed in PHP by the WordPress Foundation. The platform supports personal blog sites on servers running PHP and MySQL. WordPress theme is a theme for WordPress. A security vulnerability exists in WordPress theme Divi version 4.23.1 and earlier versions, which...
CVE-2023-21183
In ForegroundUtils of ForegroundUtils.java, there is a possible way to read NFC tag data while the app is still in the background due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...
CVE-2023-30843
Payload is a free and open source headless content management system. In versions prior to 1.7.0, if a user has access to documents that contain hidden fields or fields they do not have access to, the user could reverse-engineer those values via brute force. Version 1.7.0 contains a patch. As a...
PT-2023-22998 · Pyload · Pyload
Name of the Vulnerable Software and Affected Versions: Payload versions prior to 1.7.0 Description: The issue allows a user to reverse-engineer hidden field values via brute force if they have access to documents containing these fields. This can be done by attempting to access hidden field data...
SUSE CVE-2015-7554
The TIFFVGetField function in tif_dir.c in libtiff 4.0.6 allows attackers to cause a denial of service (invalid memory write and crash) or possibly have unspecified other impact via crafted field data in an extension tag in a TIFF image...
Incorrect Authorization in Drupal core
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
GHSA-QFHG-M6R8-XXPJ Incorrect Authorization in Drupal core
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...
UBUNTU-CVE-2020-13676
The QuickEdit module does not properly check access to fields in some circumstances, which can lead to unintended disclosure of field data. Sites are only affected if the QuickEdit module which comes with the Standard profile is installed...