9 matches found
CVE-2026-63922 ipv6: exthdrs: refresh nh after handling HAO option
In the Linux kernel, the following vulnerability has been resolved: ipv6: exthdrs: refresh nh after handling HAO option ip6parsetlv caches skbnetworkheaderskb in nh while walking IPv6 TLVs. ipv6desthao may call pskbexpandhead for a cloned skb, which can move the skb head and invalidate the cached...
CVE-2026-63922
The CVE-2026-63922 issue affects the Linux kernel IPv6 path, specifically the exthdrs handling of the HAO option. The vulnerability arises because ip6_parse_tlv() caches skb_network_header(skb) in nh while traversing IPv6 TLVs, and ipv6_dest_hao() can trigger pskb_expand_head() on a cloned skb, p...
CVE-2026-27892
FacturaScripts Library module stores and serves uploaded images without stripping EXIF/IPTC/XMP metadata, allowing any authenticated user who downloads an image to extract GPS coordinates, device information, timestamps, and other PII embedded in metadata. This is a design-level omission affectin...
Your Digital Footprint Can Lead Right to Your Front Door
You lock your doors at night. You avoid sketchy phone calls. You're careful about what you post on social media. But what about the information about you that's already out there—without your permission? Your name. Home address. Phone number. Past jobs. Family members. Old usernames. It's all sti...
How to Remove Your Personal Info From Google by Using Its ‘Results About You’ Tool
You can now set up alerts for whenever your home address, phone number, and email address appears in Search...
WordPress Business Directory Plugin Cross-Site Request Forgery Vulnerability
WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports setting up personal blog sites on servers with PHP and MySQL. A cross-site request forgery vulnerability exists in WordPress Business Directory Plugin versions...
Ring Plagued by Security Issues, Flood of Hacks
Serious security holes in the Ring smart doorbell have been uncovered, according to a new investigation. For instance, Ring owners aren’t notified of suspicious login alerts when devices are accessed on various IP addresses — and there are seemingly no limitations for incorrect login attempts. Th...
PT-2018-12614 · Thomson Reuters · Thomson Reuters Ultratax Cs
Name of the Vulnerable Software and Affected Versions: Thomson Reuters UltraTax CS version 2017 Description: The software has a password protection option, but the level of protection may not meet some customers' expectations because the data is stored in cleartext. Customer data is stored in...
Guizhou Provincial People's Hospital's Android App Has Override Access Vulnerability
Guizhou Provincial People's Hospital APP is a medical app for local people in Guizhou, making it easier and faster for people to see a doctor. Download Guizhou Provincial People's Hospital APP to utilize ID cards, visiting cards and other identification to get all the information about the visit,...