WordPress plugin LearnPress has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from improper input validation in multiple functions within DevicePolicyManagerService.java. These vulnerabilities may lead to local...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There is a security vulnerability in Google Android, which stems from improper input validation in multiple functions within AccessibilityManagerService.java. This vulnerability may lead to local persistent...

Qualcomm Chipsets Buffer Error Vulnerability

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. Qualcomm Chipsets have a buffer error vulnerability, which stems from insufficient input validation in the diagnostic service, leading to memory corruption...

Qualcomm Chipsets security vulnerabilities

Qualcomm Chipsets are a series of chipset developed by Qualcomm Incorporated in the United States. There are security vulnerabilities in Qualcomm Chipsets, which stem from the lack of validation of concurrent user mode inputs when accessing shared buffers...

Janet input validation vulnerability

Janet is a functional and imperative programming language and bytecode interpreter developed by Janet Language. Versions of Janet prior to 1.41.0 had a vulnerability related to input validation errors. This vulnerability stemmed from incorrect operations in the function unmarshalonefiber found in...

ASB-A-414389102

In applySimpleFieldMaxSize of DataRowHandler.java, there is a possible way to insert a large contact name due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-449392803

In multiple functions of AccessibilityManagerService.java, there is a possible persistent denial of service due to improper input validation. This could lead to local denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

ASB-A-461790658

In multiple functions of ubsanthrowingruntime.cpp, there is a possible way to cause a system crash due to improper input validation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation...

PT-2026-45634

Memory corruption in diagnostic services due to absence of input validation...

PT-2026-45397

Missing authentication and clear‑text transmission of data from the heat pumps to the control server, combined with the absence of input validation on aggregated data, can lead to stored XSS that enables theft of cookies from the pump’s web control interface. Older Orca heat pump devices...

PT-2026-45260

Name of the Vulnerable Software and Affected Versions OTRS versions 7.0.x through 2026.3.x OTRS Community Edition version 6.0.x Description Improper input validation in the database layer module allows an unauthenticated SQL injection, which can lead to an authentication bypass. This enables...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from improper input validation in multiple functions within DevicePolicyManagerService.java. These vulnerabilities may lead to local...

PT-2026-45657

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description Memory corruption occurs when shared buffers are accessed without validating concurrent modifications to input from user-mode...

OTRS security vulnerabilities

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X. These vulnerabilities stem from improper input validation in the client backend module, which may allow access to...

ASB-A-350456241

In multiple locations, there is a possible way to reveal images across users due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is needed for exploitation...

OTRS security vulnerabilities

OTRS is a service management solution developed by the German company OTRS. Vulnerabilities exist in OTRS versions 7.0.X, 8.0.X, 2023.X, 2024.X, 2025.X, and 2026.X up to version 2026.4.X, as well as in the Community Edition 6.0.x version. These vulnerabilities stem from improper input validation ...

PT-2026-45588

Name of the Vulnerable Software and Affected Versions Android Framework affected versions not specified Description Improper input validation in the setGlobalProxy function of DevicePolicyManagerService.java can cause a persistence desync. This issue allows a local attacker to achieve escalation ...

Google Android security vulnerabilities

Google Android is an open-source operating system based on Linux, developed by Google Inc. There are security vulnerabilities in Google Android, which stem from improper input validation in multiple functions within ubsanthrowingruntime.cpp. These vulnerabilities could lead to remote denial of...

PT-2026-45583

Name of the Vulnerable Software and Affected Versions Android Framework affected versions not specified Description Improper input validation in multiple functions of DevicePolicyManagerService.java allows a system critical package to be hidden. This can result in a local denial of service withou...