Security Bulletin: IBM InfoSphere Optim Archive Viewer is affected by multiple vulnerabilities in minimatch (CVE-2026-26996, CVE-2026-27903, CVE-2026-27904)

Summary Multiple vulnerabilities in the minimatch matching utility CVE-2026-26996, CVE-2026-27903, CVE-2026-27904 used by IBM InfoSphere Optim Archive Viewer have been addressed by upgrading the component to version 5.1.8. Vulnerability Details CVEID:CVE-2026-26996 DESCRIPTION: minimatch is a...

CVE-2026-7705

A flaw has been found in JD Cloud JDCOS 4.5.1.r4518. This vulnerability affects the function setiptvinfo of the file /jdcap of the component Service Interface. Executing a manipulation of the argument vid can lead to command injection. It is possible to launch the attack remotely. The exploit has...

PT-2026-31125

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in WP Chill Download Monitor download-monitor allows Blind SQL Injection.This issue affects Download Monitor: from n/a through = 5.1.8...

WordPress plugin Download Monitor SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003817)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003817 advisory. An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver. Tenable ha...

SQL Injection

Overview fosslight-binary is a FOSSLight Binary Scanner Affected versions of this package are vulnerable to SQL Injection due to unsanitized string formatting of filename-, hecksum-, and TLSH-derived values into SQL queries. An attacker can view, modify, or delete data in the underlying database,...

WordPress Essential Real Estate plugin <= 5.1.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Dhabaleshwar Das in WordPress Plugin Essential Real Estate versions = 5.1.8...

PT-2025-1970 · WordPress · Adforest

Name of the Vulnerable Software and Affected Versions: AdForest theme for WordPress versions up to, and including, 5.1.8 Description: The AdForest theme for WordPress is vulnerable to authentication bypass due to the plugin not properly verifying a user's identity prior to logging them in as that...

CVE-2021-3038

A denial-of-service DoS vulnerability in Palo Alto Networks GlobalProtect app on Windows systems allows a limited Windows user to send specifically-crafted input to the GlobalProtect app that results in a Windows blue screen of death BSOD error. This issue impacts: GlobalProtect app 5.1 versions...

Linux kernel code issue vulnerability

Linux kernel is the kernel used by Linux, an open source operating system released by the Linux Foundation in the U.S. A code issue vulnerability exists in the sound/usb/line6/driver.c file in versions of Linux kernel prior to 5.1.8. The vulnerability stems from an improperly designed or...

Linux kernel code issue vulnerability (CNVD-2019-29599)

Linux kernel is the kernel used by Linux, the open source operating system released by the Linux Foundation in the United States. A code issue vulnerability exists in the drivers/usb/misc/sisusbvga/sisusb.c file in versions of Linux kernel prior to 5.1.8. The vulnerability stems from an improperl...

PT-2019-3349 · Linux +4 · Linux Kernel +4

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 5.1.8 Description: The issue is related to a NULL pointer dereference in the sound/usb/line6/driver.c driver, which can be caused by a malicious USB device. This can lead to a denial of service. Recommendations:...

CVE-2018-1002000

There is blind SQL injection in WordPress Arigato Autoresponder and Newsletter v2.5.1.8 These vulnerabilities require administrative privileges to exploit. There is an exploitable blind SQL injection vulnerability via the delids variable by POST request...

Momentum Axel 720P Buffer Overflow Vulnerability

The Momentum Axel 720P is a dual-band HD camera that supports WiFi connectivity. A buffer overflow vulnerability exists in Momentum Axel 720P version 5.1.8. An attacker can exploit this vulnerability to gain access to user accounts...