
26 matches found

Cvelist
added 2026/05/12 5:19 p.m., 31 views

CVE-2026-34642 After Effects | Heap-based Buffer Overflow (CWE-122)

After Effects versions 26.0, 25.6.4 and earlier are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file...

CVSS 7.8, EPSS 0.00027
Exploits: 0, References: 1
IBM Security Bulletins
added 2026/04/16 1:14 p.m., 5 views

Security Bulletin: IBM SOAR QRadar Plugin App is vulnerable to using components with known vulnerabilities

Summary: The product includes vulnerable components, e.g., framework libraries, that may be identified and exploited with automated tools. IBM SOAR QRadar Plugin App has addressed the applicable CVEs with an update. Vulnerability Details: CVEID: CVE-2026-24049 DESCRIPTION: wheel is a command line tool...

CVSS 7.1, AI score 6.3, EPSS 0.00015
Exploits: 2, Affected Software: 1
NVD
added 2026/03/25 5:16 p.m., 0 views

CVE-2026-25306

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS. This issue affects XStore Core: from n/a through <= 5.6.4...

CVSS 7.1, EPSS 0.00045
Exploits: 0, References: 1
VulnCheck KEV
added 2026/03/17 12:0 a.m., 11 views

VulnCheck KEV: CVE-2026-25306

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 8theme XStore Core et-core-plugin allows Reflected XSS. This issue affects XStore Core: from n/a through <= 5.6.4...

CVSS 7.1, AI score 5.8, EPSS 0.00045
In wild, Exploits: 0, References: 2
EUVD
added 2026/03/12 2:13 p.m., 1 views

EUVD-2026-11253

devalue has prototype pollution in devalue.parse and devalue.unflatten...

CVSS 6.3, AI score 5.8, EPSS 0.00143
Exploits: 0, References: 2
OSV
added 2026/03/11 5:47 p.m., 0 views

CVE-2026-30226 devalue has prototype pollution in devalue.parse and devalue.unflatten

Svelte devalue is a JavaScript library that serializes values into strings when JSON.stringify isn't sufficient for the job. In devalue v5.6.3 and earlier, devalue.parse and devalue.unflatten were susceptible to prototype pollution via maliciously crafted payloads. Successful exploitation could...

CVSS 6.3, AI score 5.8, EPSS 0.00143
Exploits: 0, References: 3
RedhatCVE
added 2026/02/20 1:27 p.m., 2 views

CVE-2026-25451

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through <= 5.6.9...

CVSS 6.5, AI score 5.9, EPSS 0.00045
Exploits: 0, References: 1
CVE
added 2026/02/19 8:27 a.m., 7 views

CVE-2026-25451

CVE-2026-25451 describes a stored XSS flaw in WordPress Bold Page Builder (bold-page-builder) due to improper neutralization during web page generation. Affected: Bold Page Builder versions up to 5.6.9 (as per initial description). Root cause: improper input neutralization leading to stored paylo...

CVSS 6.5, AI score 5.9, EPSS 0.00045
Exploits: 0, References: 1
Cvelist
added 2026/02/19 8:27 a.m., 27 views

CVE-2026-25451 WordPress Bold Page Builder plugin <= 5.6.9 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in boldthemes Bold Page Builder bold-page-builder allows Stored XSS. This issue affects Bold Page Builder: from n/a through <= 5.6.9...

CVSS 6.5, EPSS 0.00045
Exploits: 0, References: 1
EUVD
added 2025/10/03 8:7 p.m., 3 views

EUVD-2025-27956

Malicious code in bioql PyPI...

CVSS 5.3, AI score 6.6, EPSS 0.00313
Exploits: 0, References: 1
Circl
added 2025/08/26 4:15 p.m., 2 views

CVE-2025-56432

creationtimestamp | type | source
---|---|---
2025-08-26 16:15:50+00:00 | seen | Telegram/LOoWECzn7KtgJ9KtXQPPq-BQMFnKnGfzqQY-oeJaNmgVmQ...

CVSS 6.1, AI score 4.8, EPSS 0.00624
Exploits: 0
Patchstack
added 2025/04/17 9:9 a.m., 2 views

WordPress Eduma theme <= 5.6.4 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Eduma versions <= 5.6.4...

CVSS 5.3, AI score 7, EPSS 0.00313
Exploits: 0, Affected Software: 1
Tenable Nessus
added 2025/03/05 12:0 a.m., 11 views

Linux Distros Unpatched Vulnerability : CVE-2020-25645

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt...

CVSS 7.5, AI score 6.6, EPSS 0.00393
Exploits: 1, References: 3
Patchstack
added 2024/05/10 10:10 a.m., 2 views

WordPress Shopping Cart & eCommerce Store plugin <= 5.6.4 - Sensitive Information Exposure vulnerability

Sensitive Information Exposure vulnerability discovered by rptl in WordPress Plugin WP EasyCart versions <= 5.6.4...

CVSS 5.3, AI score 7, EPSS 0.00532
Exploits: 0, References: 1, Affected Software: 1
OSV
added 2023/11/30 5:15 p.m., 2 views

CVE-2023-38400

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Kriesi Enfold - Responsive Multi-Purpose Theme allows Reflected XSS. This issue affects Enfold - Responsive Multi-Purpose Theme: from n/a through 5.6.4...

CVSS 6.1, AI score 7.3, EPSS 0.00193
Exploits: 0, References: 1
SUSE CVE
added 2023/02/15 3:34 a.m., 2 views

SUSE CVE-2022-0676

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4...

CVSS 7.8, AI score 8.8, EPSS 0.00369
Exploits: 1, References: 3
CNNVD
added 2022/02/24 12:0 a.m., 3 views

radare2 Resource Management Error Vulnerability

radare2 is a set of libraries and tools for working with binary files. A security vulnerability exists in radare2 versions prior to 5.6.4, which stems from a missing initialization assignment to an array in the software code, and can be exploited by an attacker to achieve a denial of service...

CVSS 6.8, AI score 7.2, EPSS 0.00324
Exploits: 1, References: 6
ATTACKERKB
added 2022/02/22 7:15 p.m., 2 views

CVE-2022-0713

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4...

CVSS 7.1, AI score 6.8, EPSS 0.00343
Exploits: 1, References: 7
OSV
added 2022/02/22 12:15 a.m., 0 views

UBUNTU-CVE-2022-0676

Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.6.4...

CVSS 7.8, AI score 7.3, EPSS 0.00369
Exploits: 1, References: 4
OSV
added 2021/04/06 5:30 p.m., 1 views

GHSA-JFF2-QJW8-5476 Command Injection Vulnerability in systeminformation

Impact: command injection vulnerability. Patches: Problem was fixed with a parameter check. Please upgrade to version >= 5.6.4. Workarounds: If you cannot upgrade, be sure to check or sanitize service parameters that are passed to si.inetLatency, si.inetChecksite, si.services, si.processLoad ... do onl...

CVSS 8.9, AI score 5.9, EPSS 0.00617
Exploits: 0, References: 6