CVE-2026-42658

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

CVE-2026-42658 WordPress Classified Listing plugin <= 5.3.8 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

EUVD-2026-36823

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

EUVD-2026-36816

Unauthenticated Broken Access Control in Classified Listing = 5.3.8 versions...

PT-2026-49449

Unauthenticated Cross Site Scripting XSS in Classified Listing = 5.3.8 versions...

CVE-2026-42679

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

CVE-2026-42679 WordPress Classified Listing plugin <= 5.3.8 - Arbitrary File Download vulnerability

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

PT-2026-45466

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Mamunur Rashid Classified Listing allows Path Traversal. This issue affects Classified Listing: from n/a through 5.3.8...

WordPress Classified Listing plugin <= 5.3.8 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Cruzer in WordPress Plugin Classified Listing versions = 5.3.8...

EUVD-2026-8811

fast-xml-parser has stack overflow in XMLBuilder with preserveOrder...

GHSA-FJ3W-JWP8-X2G3 fast-xml-parser has stack overflow in XMLBuilder with preserveOrder

Impact Application crashes with stack overflow when user use XML builder with prserveOrder:true for following or similar input 'foo': 'bar': '@V': 'baz' Cause: arrToStr was not validating if the input is an array or a string and treating all non-array values as text content. What kind of...

CVE-2026-27942

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. Prior to version 5.3.8, the application crashes with stack overflow when user use XML builder with preserveOrder:true. Version 5.3.8 fixes the issue. As...

PT-2026-22099

Name of the Vulnerable Software and Affected Versions fast-xml-parser versions prior to 5.3.8 Description fast-xml-parser is a tool for XML validation, parsing XML to JavaScript objects, and building XML from JavaScript objects without relying on C/C++ libraries or callbacks. Prior to version...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003701)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003701 advisory. A memory leak in the komedawbconnectoradd function in drivers/gpu/drm/arm/display/komeda/komedawbconnector.c in the Linux kernel before 5.3.8 allows attackers to cau...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003586)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003586 advisory. In the Linux kernel through 5.3.8, f-fmt.sdr.reserved is uninitialized in rcardrifgfmtsdrcap in drivers/media/platform/rcardrif.c, which could cause a memory...

CVE-2023-53848

In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5lexitlog Commit b13015af94cf "md/raid5-cache: Clear conf-log after finishing work" introduce a new problem: // caller hold reconfigmutex r5lexitlog flushwork&log-disablewritebackwork...

Contao 安全漏洞

Contao is an open source Content Management System CMS developed in PHP by Contao Open Source. The system supports search engines, rights management, and CSS frameworks. A security vulnerability exists in Contao version 5.3.38 and versions prior to 5.6.1, which stems from the possibility of...

CVE-2024-33557

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in 8theme XStore Core allows PHP Local File Inclusion.This issue affects XStore Core: from n/a through 5.3.8...

WordPress Plugin Modal Window 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in...

SUSE CVE-2012-0781

The tidydiagnose function in PHP 5.3.8 might allow remote attackers to cause a denial of service NULL pointer dereference and application crash via crafted input to an application that attempts to perform Tidy::diagnose operations on invalid objects, a different vulnerability than CVE-2011-4153...