3649 matches found
CVE-2025-58924 WordPress Geya theme <= 1.15 - Local File Inclusion vulnerability
Technical details for CVE-2025-58924 are not provided in the supplied documents. No specifics on affected versions beyond
CVE-2026-12289
Privilege escalation in the Graphics: WebRender component. This vulnerability was fixed in Firefox 152, Firefox ESR 140.12, and Firefox ESR 115.37...
EUVD-2026-37008
Slim is a PHP micro framework that enables users to write simple web applications and APIs. In versions 4.4.0 through 4.15, if an application uses HttpException::setTitle and/or setDescription to include untrusted/request-derived data in the error title or description e.g. "No products found...
CVE-2026-48157
Slim PHP framework (versions 4.4.0–4.15) is affected by an HTML/JavaScript injection in error pages when HttpException::setTitle() and/or setDescription() are fed with untrusted data. The issue can occur in HTML error pages generated by Slim and is present even with displayErrorDetails = false; v...
EUVD-2026-36865
Unauthenticated Cross Site Scripting XSS in Funnel Builder by FunnelKit = 3.15.0.2 versions...
CVE-2026-9862
creationtimestamp| type| source ---|---|--- 2026-06-15 16:30:14+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3modpfnfc6n2a 2026-06-15 16:30:18+00:00| seen| https://infosec.exchange/users/offseq/statuses/116755071710658685 2026-06-15 16:42:13+00:00| seen|...
Microsoft Defender email security benchmarking: Key insights from one year of data
Microsoft publishes quarterly email security benchmarking data comparing Microsoft Defender against secure email gateway SEG and integrated cloud email security ICES vendors using real-world threat telemetry. A year ago, we set out to change how email security effectiveness is measured. With our...
CVE-2026-12193
creationtimestamp| type| source ---|---|--- 2026-06-15 00:00:36+00:00| seen| https://bsky.app/profile/offseq.bsky.social/post/3moby42wvt52y 2026-06-15 00:00:38+00:00| seen| https://infosec.exchange/users/offseq/statuses/116751180370821217 2026-06-15 01:00:26+00:00| seen|...
PT-2026-49615
CVE ID :CVE-2026-54294 Published : June 15, 2026, 6:33 p.m. | 1 hour, 17 minutes ago Description :None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
SUSE SLES15 Security Update : kubernetes1.24 (SUSE-SU-2026:2343-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2343-1 advisory. This update for kubernetes1.24 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transpo...
SUSE SLES15 Security Update : kubernetes (SUSE-SU-2026:2342-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2342-1 advisory. This update for kubernetes fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport...
SUSE SLES15 Security Update : tomcat10 (SUSE-SU-2026:2377-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2377-1 advisory. This update for tomcat10 fixes the following issues Update to Tomcat 10.1.55: - CVE-2026-41284: Unbounded read in WebDAV LOCK and...
SUSE SLES15 Security Update : kubernetes1.26 (SUSE-SU-2026:2325-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2325-1 advisory. This update for kubernetes1.26 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transpo...
SUSE SLES15 Security Update : kubernetes1.25 (SUSE-SU-2026:2345-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2345-1 advisory. Security fixes: - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport when given bad SETTINGSMAXFRAMESIZE...
SUSE SLES15 Security Update : kubernetes1.27 (SUSE-SU-2026:2339-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2339-1 advisory. This update for kubernetes1.27 fixes the following issues - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transpo...
SUSE SLED15 / SLES15 Security Update : xen (SUSE-SU-2026:2364-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2364-1 advisory. - CVE-2026-42487: x86 HVM I/O port list traversal bsc1266952. - CVE-2026-42488: x86: mismatched mapcache...
SUSE SLES15 Security Update : kernel (SUSE-SU-2026:2310-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2310-1 advisory. The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: -...
SUSE SLES15 Security Update : postgresql17 (SUSE-SU-2026:2303-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2303-1 advisory. This update for postgresql17 fixes the following issues Update to version 17.10. Security issues: - CVE-2026-6472: ensure the user...
SUSE SLES15 Security Update : google-cloud-sap-agent (SUSE-SU-2026:2372-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has a package installed that is affected by a vulnerability as referenced in the SUSE-SU-2026:2372-1 advisory. This update for google-cloud-sap-agent fixes the following issue - CVE-2026-33814: golang.org/x/net/http2: infinite loop in HTTP/2 transport...
CVE-2026-44207 Frappe: Insecure Direct Object Reference for email accounts
Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, an IDOR vulnerability allows authenticated users to access other users' email configuration details. This issue has been patched in versions 15.107.0 and 16.17.0...