655 matches found
Drupal Entity Share security vulnerability
Drupal Entity Share is a content sharing plugin for the Drupal community. Versions of Drupal Entity Share prior to 3.13.0 contained a security vulnerability, which was caused by improper authorization and could lead to forced browsing...
Drupal HTTP Client Manager security vulnerability
The Drupal HTTP Client Manager is an HTTP client management plugin for the Drupal community. Versions prior to 9.3.13, 10.0.2, and 11.0.1 of the Drupal HTTP Client Manager contained security vulnerabilities. These vulnerabilities were due to improper exception condition checks, which could lead t...
SUSE CVE-2026-22980
In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...
IObit Uninstaller code-related vulnerabilities
IObit Uninstaller is a Windows software tool provided by IObit for forced uninstallation of programs. IObit Uninstaller 10 Pro has a code vulnerability that stems from an issue with service paths not being enclosed in quotes, which may lead to an increase in local privileges...
CVE-2026-22980
In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...
AZL-78458 CVE-2026-22980 affecting package kernel for versions less than 5.15.200.1-1
In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...
CVE-2026-22980
In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...
UBUNTU-CVE-2026-22980
In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...
CVE-2026-22980 nfsd: provide locking for v4_end_grace
In the Linux kernel, the following vulnerability has been resolved: nfsd: provide locking for v4endgrace Writing to v4endgrace can race with server shutdown and result in memory being accessed after it was freed - reclaimstrhashtbl in particularly. We cannot hold nfsdmutex across the nfsd4endgrac...
$15 Billion Pig Butchering Scam Boss Chen Zhi Extradited to China
Billionaire Chen Zhi and associates Xu Ji Liang and Shao Ji Hui have been extradited to China. This exclusive report details the collapse of the Prince Group's global scam network, the seizure of $15 billion in Bitcoin, and the forced labour camps behind the billion-dollar pig butchering fraud...
CVE-2020-7541
A CWE-425: Direct Request 'Forced Browsing' vulnerability exists in the Web Server on Modicon M340, Legacy Offers Modicon Quantum and Modicon Premium and associated Communication Modules see security notification for affected versions, that could cause disclosure of sensitive data when sending a...
CVE-2023-45598
A CWE-425 “Direct Request 'Forced Browsing'” vulnerability in the “measure” functionality of the web application allows a remote unauthenticated attacker to access confidential measure information. This issue affects: AiLux imx6 bundle below version imx61.0.7-2...
EUVD-2026-0757
Emlog is an open source website building system. In version 2.5.23, article creation functionality is vulnerable to cross-site request forgery CSRF. This can lead to a user being forced to post an article with arbitrary, attacker-controlled content. This, when combined with stored cross-site...
PT-2026-1117
Name of the Vulnerable Software and Affected Versions Emlog version 2.5.23 Description Emlog version 2.5.23’s article creation functionality is susceptible to cross-site request forgery CSRF. This allows an attacker to force a user to post an article containing arbitrary content. When combined wi...
PT-2026-4480
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the NFS daemon nfsd related to handling grace periods during server shutdown. Specifically, writing to the v4 end grace structure can occur concurrently with...
Fedora 42 : chromium (2025-0805619c28)
The remote Fedora 42 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2025-0805619c28 advisory. Update to 143.0.7499.146 High CVE-2025-14765: Use after free in WebGPU High CVE-2025-14766: Out of bounds read and write in V8 Force dark mode when...
CVE-2025-1885
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Phishing, Forceful Browsing. This issue affects Online Food Delivery System: through 19122025. NOTE: The vendor was contacted early about this disclosure bu...
PT-2025-52441
URL Redirection to Untrusted Site 'Open Redirect' vulnerability in Restajet Information Technologies Inc. Online Food Delivery System allows Phishing, Forceful Browsing.This issue affects Online Food Delivery System: through 19122025...
CVE-2025-57823
A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...
CVE-2025-57823
A direct request 'forced browsing' vulnerability in Fortinet FortiAuthenticator 6.6.0 through 6.6.6, FortiAuthenticator 6.5 all versions, FortiAuthenticator 6.4 all versions, FortiAuthenticator 6.3 all versions may allow an authenticated attacker with at least sponsor permissions to read and...