20 matches found
EUVD-2026-29954
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pminviteuser function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2026-4609
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pminviteuser function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level...
CVE-2026-25417
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS.This issue affects ProfileGrid : from n/a through = 5.9.8.1...
EUVD-2026-15723
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Metagauss ProfileGrid profilegrid-user-profiles-groups-and-communities allows Stored XSS.This issue affects ProfileGrid : from n/a through = 5.9.8.1...
CVE-2025-66489
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in...
EUVD-2025-201128
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in...
CVE-2025-66489 Cal.com Authentication Bypass via bad TOTP + password checks
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in...
PT-2025-48991
Name of the Vulnerable Software and Affected Versions Cal.com versions prior to 5.9.8 Description Cal.com, an open-source scheduling software, has a flaw in its login credentials provider. This issue allows an attacker to bypass password verification if a TOTP Time-Based One-Time Password code is...
SUSE CVE-2025-60361
radare2 v5.9.8 and before contains a memory leak in the function bochsopen...
CVE-2025-60360
radare2 v5.9.8 and before contains a memory leak in the function r2rsubprocessinit...
CVE-2025-60360
radare2 v5.9.8 and before contains a memory leak in the function r2rsubprocessinit...
CVE-2025-60360
radare2 v5.9.8 and before contains a memory leak in the function r2rsubprocessinit...
CVE-2025-60361
radare2 v5.9.8 and before contains a memory leak in the function bochsopen...
EUVD-2025-34833
radare2 v.5.9.8 and before contains a memory leak in the function loadrelocations...
CVE-2025-60358
radare2 v.5.9.8 and before contains a memory leak in the function loadrelocations...
PT-2024-17728 · WordPress · Essential Addons For Elementor
Name of the Vulnerable Software and Affected Versions: The Essential Addons for Elementor plugin for WordPress versions up to, and including, 5.9.8 Description: The issue is related to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping, specifically via the...
AZL-26300 CVE-2023-26463 affecting package strongswan for versions less than 5.9.10-1
strongSwan 5.9.8 and 5.9.9 potentially allows remote code execution because it uses a variable named "public" for two different purposes within the same function. There is initially incorrect access control, later followed by an expired pointer dereference. One attack vector is sending an untrust...
strongSwan 信任管理问题漏洞
strongSwan is a Swiss Andreas Steffen personal developer of a Linux platform to use the open source IPsec-based VPN solution. The solution includes authentication mechanisms such as X.509 public key certificates, securely stored private keys, and smart cards. A security vulnerability exists in...
CVE-2021-36908
Cross-Site Request Forgery CSRF vulnerability in WebFactory Ltd. WP Reset PRO plugin = 5.98 versions...
Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 (KB4598501)
Security and Quality Rollup for .NET Framework 3.5, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 for Windows Server 2012 KB4598501 Applies to: Microsoft .NET Framework 3.5 Microsoft .NET Framework 4.5.2 Microsoft .NET Framework 4.6 Microsoft .NET Framework 4.6.1 Microsoft .NET Framework 4.6.2...