733 matches found
CVE-2026-6541
creationtimestamp| type| source ---|---|--- 2026-07-13 13:19:19+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqjrrssiwv27 2026-07-13 13:34:43+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqjsnlua352g 2026-07-13 18:19:01+00:00| seen|...
CVE-2026-40553
Buffer overflow vulnerability has been found in "extension/readdir.c" program file of gawk ftype routine. This issue could be used to crash the program and potentially to achieve code execution, although the latter has not been confirmed to be feasible. It affects gawk in versions 5.4.0 and below...
CVE-2026-40469
In the provided documents, CVE-2026-40469 affects gawk, specifically 32-bit builds in versions 5.4.0 and earlier. The root cause is an integer overflow in the do_sub (subroutine) path within builtin.c, which could allow overwriting heap metadata and related objects, potentially causing the progra...
CVE-2026-40469 Heap buffer overflow in gawk
Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...
CVE-2026-40469
Integer overflow vulnerability has been found in "builtin.c" program file of gawk dosub routine. This issue could be used to overwrite gawk heap metadata and objects causing the program to crash. It affects 32-bit builds of gawk in versions 5.4.0 and below...
CVE-2026-40468
The CVE-2026-40468 entry concerns gawk (versions 5.4.0 and earlier) with an integer overflow in the builtin.c file. The flaw can cause memory exhaustion and may enable overwriting heap metadata and objects with attacker-controlled bytes. This is described across multiple feeds (NVD/NIST entry and...
CVE-2026-40467
Use After Free vulnerability has been found in "io.c" program file of gawk dogetlineredir routine. This issue may lead to a crash. It affects gawk in versions 5.4.0 and below...
CVE-2026-57734
The CVE concerns WordPress tagDiv Composer (td-composer). Affected: tagDiv Composer
CVE-2026-15300
CVE-2026-15300 affects the GEO my WP WordPress plugin up to version 4.5.4. An SQL injection exists via the distance, lat, and lng parameters. Values are read from $_SERVER['QUERY_STRING'] with parse_str(), then passed through bare esc_sql() and interpolated into unquoted numeric positions in the ...
CVE-2026-54002 Kirby: Cross-site scripting (XSS) from incomplete HTML/XML sanitization in `Dom::sanitize()`
Kirby is an open-source content management system. Prior to 4.9.4 and 5.4.4, Kirby sites and plugins that use the writer or list fields or call Dom::sanitize, Sane::sanitize, Sane::Html::sanitize, Sane::Svg::sanitize, Sane::Xml::sanitize, Sane::sanitizeFile, or file sanitizeContents with untruste...
CVE-2026-54402
creationtimestamp| type| source ---|---|--- 2026-07-02 18:19:42+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mponh36wia2z 2026-07-03 07:08:02+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mppyewqvlf2d 2026-07-03 21:36:06+00:00| seen|...
CVE-2026-57355
Subscriber Broken Access Control in Classified Listing = 5.4.2 versions...
CVE-2026-57344
Summary: Unauthenticated Cross Site Scripting (XSS) vulnerability in the WordPress Classified Listing plugin (versions <= 5.4.2). Affected product: WordPress Classified Listing plugin.Versions:
CVE-2025-69156 WordPress Kids Zone - Children WordPress Theme theme <= 5.4 - Cross Site Scripting (XSS) vulnerability
Unauthenticated Cross Site Scripting XSS in Kids Zone - Children WordPress Theme = 5.4 versions...
CVE-2025-69133
Subscriber Local File Inclusion in Tourmaster = 5.4.5 versions...
PT-2026-54969
Unauthenticated Cross Site Scripting XSS in Kids Zone - Children WordPress Theme = 5.4 versions...
WordPress Kids Zone - Children WordPress Theme theme <= 6.9 - Cross Site Scripting (XSS) vulnerability
WordPress Kids Zone - Children WordPress Theme theme = 6.9 - Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Theme Kids Zone - Children WordPress Theme versions = 6.9...
Security Bulletin: Multiple vulnerabilities in IBM Watsonx BI Assistant for CP4D
Summary Multiple vulnerabilities were addressed in IBM Watsonx BI Assistant for CP4D version 5.4.0 Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a minimal matching utility for converting glob expressions into JavaScript RegExp objects. Versions 10.2.0 and below are vulnerab...
EUVD-2026-39615
The Groundhogg — CRM, Newsletters, and Marketing Automation plugin for WordPress is vulnerable to generic SQL Injection via the 'after' parameter in all versions up to, and including, 4.5.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the...
CVE-2026-42389
This fix provides extra hardening for the 5.4.x branch by doing extra validation of incoming answers from authoritative servers...