4105 matches found
Linux Distros Unpatched Vulnerability : CVE-2026-8521
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Use after free in Tab Groups in Google Chrome prior to 148.0.7778.168 allowed a remote attacker to execute arbitrary code via malicious network traffic. Chromiu...
EUVD-2026-29954
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pminviteuser function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-level...
SUSE CVE-2026-7813
Authorization vulnerability in pgAdmin 4 server mode affecting Server Groups, Servers, Shared Servers, Background Processes, and Debugger modules. Multiple endpoints fetched user-owned objects without filtering by the requesting user's identity. An authenticated user could access another user's...
EUVD-2026-29831
PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups...
WordPress plugin ProfileGrid 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-40611
The ProfileGrid – User Profiles, Groups and Communities plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the pm invite user function in all versions up to, and including, 5.9.8.4. This makes it possible for authenticated attackers, with Subscriber-lev...
CVE-2026-35555
PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups...
CVE-2026-44224
Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...
CVE-2026-35555 Subnet Solutions PowerSYSTEM Center Incorrect Authorization
PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups...
CVE-2026-35555
CVE-2026-35555 affects Subnet Solutions PowerSYSTEM Center: the device project groups feature permits an authenticated user with limited permissions to perform an unauthorized deletion of project groups. The description identifies an authorization issue in the project groups workflow without deta...
CVE-2026-35555
PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups...
CVE-2026-35555 Subnet Solutions PowerSYSTEM Center Incorrect Authorization
PowerSYSTEM Center feature for device project groups allows an authenticated user with limited permissions to perform an unauthorized deletion of project groups...
CVE-2026-44224 Wiki.js: Privilege Escalation via Missing Group Validation in users.update
Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...
EUVD-2026-29838
Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...
CVE-2026-44224
Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...
Update 25.18 for Microsoft Dynamics 365 Business Central 2024 Release Wave 2 (Application Build 25.18.48229, Platform Build 25.2.48119)
Update 25.18 for Microsoft Dynamics 365 Business Central 2024 Release Wave 2 Application Build 25.18.48229, Platform Build 25.2.48119 Overview This update replaces previously released updates. You should always install the latest update.After you install this hotfix, you might have to update your...
Apple Safari Regular Expression Duplicate Named Groups Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Apple Safari. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of regul...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.168 contained a resource management vulnerability. This vulnerability stemmed from a problem with the Tab Groups component regarding the reuse of resources after release. It could allow remote...
Subnet Solutions PowerSYSTEM Center 安全漏洞
Subnet Solutions PowerSYSTEM Center is a power solution offered by Subnet Solutions Corporation. There is a security vulnerability present in Subnet Solutions PowerSYSTEM Center, which allows authenticated users with limited privileges to perform unauthorized project group deletions...
PT-2026-40432
Wiki.js is an open source wiki app built on Node.js. Prior to 2.5.313, the users.update GraphQL mutation accepts an arbitrary groups array and applies it directly to the database with no validation of the group IDs supplied. The resolver passes the caller's arguments straight to the model without...