CVE-2026-3694

CVE-2026-3694 affects the Bold Page Builder plugin for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) flaw in the bt_bb_button shortcode’s 'text' attribute across all versions up to and including 5.6.8. It stems from insufficient input sanitization and output escaping for use...

CVE-2026-3694 Bold Page Builder <= 5.6.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via bt_bb_button Shortcode

The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'text' attribute of the btbbbutton shortcode in all versions up to, and including, 5.6.8. This is due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

EUVD-2025-209714

Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bus Ticket Booking with Seat Reservation: from n/a before 5.6.8...

CVE-2025-66105 WordPress Bus Ticket Booking with Seat Reservation plugin < 5.6.8 - Broken Access Control vulnerability

Missing Authorization vulnerability in Magepeople inc. Bus Ticket Booking with Seat Reservation allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Bus Ticket Booking with Seat Reservation: from n/a before 5.6.8...

Astra Linux – Vulnerability in Puma

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, Puma exhibited incorrect behavior when parsing chunked transfer encoding bodies, allowing HTTP request smuggling. The fixed versions limit the size of chunk extensions. Without this limitation, an...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003935)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003935 advisory. usbsgcancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925...

@luxos/share-panel (>=1.0.0 <=1.0.3), @types/cordova-plugin-x-socialsharing (>=5.4.5 <=5.4.8) +4 more potentially affected by CVE-2025-65835 via cordova-plugin-x-socialsharing (>=5.6.8 <=6.0.4)

cordova-plugin-x-socialsharing NPM version =5.6.8, =1.0.0, =5.4.5, =0.0.1, =1.0.0 - radoo-odc-app =0.0.1 Source cves: CVE-2025-65835 Source advisory: SNYK:JS-CORDOVAPLUGINXSOCIALSHARING-14426472...

SUSE CVE-2024-21647

Puma is a web server for Ruby/Rack applications built for parallelism. Prior to version 6.4.2, puma exhibited incorrect behavior when parsing chunked transfer encoding bodies in a way that allowed HTTP request smuggling. Fixed versions limits the size of chunk extensions. Without this limit, an...

Telit Cinterion BGS5 Security Vulnerability

Telit Cinterion BGS5 is a mobile communication module from Telit Communications Telit. A security vulnerability exists in Telit Cinterion that originates from allowing an attacker with physical access privileges to gain read and write access to any file and directory on the target system. Affecte...

SUSE CVE-2022-1238

Out-of-bounds Write in libr/bin/format/ne/ne.c in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is heap overflow and may be exploitable. For more general description of heap buffer overflow, see CWE...

SUSE CVE-2022-1244

heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service...

CVE-2022-3568

creationtimestamp| type| source ---|---|--- 2023-02-10 16:57:50+00:00| seen| https://t.me/cibsecurity/57906...

UBUNTU-CVE-2022-1382

NULL Pointer Dereference in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of making the radare2 crash, thus affecting the availability of the system...

CVE-2022-1297

Out-of-bounds Read in rbinnegetentrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability may allow attackers to read sensitive information or cause a crash...

UBUNTU-CVE-2022-1283

NULL Pointer Dereference in rbinnegetentrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service application crash...

CVE-2022-1244

heap-buffer-overflow in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service...

UBUNTU-CVE-2022-1207

Out-of-bounds read in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to read sensitive information from outside the allocated buffer boundary...

radare2 缓冲区错误漏洞

radare2 is a set of libraries and tools for working with binary files. radare2 versions prior to 5.6.8 contain an out-of-bounds read vulnerability that can be exploited by attackers to read sensitive information from outside the allocated buffer boundary...

DEBIAN-CVE-2020-12464

usbsgcancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925...