20 matches found
CVE-2026-32422
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in levelfourdevelopment WP EasyCart wp-easycart allows Blind SQL Injection. This issue affects WP EasyCart: from n/a through = 5.8.13...
CVE-2026-28227
Discourse is an open source discussion platform. Prior to versions 2025.12.2, 2026.1.1, and 2026.2.0, TL4 users can publish topics into staff-only categories via the publishtocategory topic timer, bypassing authorization checks. Versions 2025.12.2, 2026.1.1, and 2026.2.0 patch the issue. No known...
CVE-2025-39889 Bluetooth: l2cap: Check encryption key size on incoming connection
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: l2cap: Check encryption key size on incoming connection This is required for passing GAP/SEC/SEM/BI-04-C PTS test case: Security Mode 4 Level 4, Responder - Invalid Encryption Key Size - 128 bit This tests the security...
Linux kernel security vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel that stems from a failure to check the size of the encryption key for incoming connections, which could lead to a bypass of the...
Linux Distros Unpatched Vulnerability : CVE-2020-8563
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Kubernetes clusters using VSphere as a cloud provider, with a logging level set to 4 or above, VSphere cloud credentials will be leaked in the cloud controll...
PT-2025-39241
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue within the Bluetooth L2CAP implementation related to the handling of encryption key sizes during incoming connections. The problem arises when the...
PT-2024-20702 · Unknown · Series 2 Hse-Svh
Name of the Vulnerable Software and Affected Versions: Series 2 HSE-SVH devices versions prior to SE Firmware version 2.2.6 Description: The issue arises because the TAMPERRSTCAUSE register may not be properly updated when a level 4 tamper event occurs, potentially preventing the application from...
SUSE CVE-2016-4480
The guestwalktables function in arch/x86/mm/guestwalk.c in Xen 4.6.x and earlier does not properly handle the Page Size PS page table entry bit at the L4 and L3 page table levels, which might allow local guest OS users to gain privileges via a crafted mapping of memory...
SUSE CVE-2020-8564
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...
kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4
A flaw was found in kubernetes. In Kubernetes, if the logging level is set to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like...
Bachmann Electronic All M-Base Controllers cryptographic issue vulnerability
Bachmann Electronic All M-Base Controllers is a controller system from Bachmann, Germany, used to control networks. A cryptographic issue vulnerability exists in Bachmann Electronic All M-Base Controllers that stems from not properly using the relevant cryptographic algorithms, resulting in...
kubernetes: Ceph RBD adminSecrets exposed in logs when loglevel >= 4
A flaw was found in kubernetes. If the logging level is set to at least 4, and Ceph RBD is configured as a storage provisioner, then Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims...
DEBIAN-CVE-2020-8566
In Kubernetes clusters using Ceph RBD as a storage provisioner, with logging level of at least 4, Ceph RBD admin secrets can be written to logs. This occurs in kube-controller-manager's logs during provisioning of Ceph RBD persistent claims. This affects v1.19.3, v1.18.10, v1.17.13...
UBUNTU-CVE-2020-8564
In Kubernetes clusters using a logging level of at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This affects v1.19.3, v1.18.10, v1.17.13...
kubernetes: Docker config secrets leaked when file is malformed and loglevel >= 4
A flaw was found in kubernetes. In Kubernetes, if the logging level is set to at least 4, processing a malformed docker config file will result in the contents of the docker config file being leaked, which can include pull secrets or other registry credentials. This can occur with client tools like...
WordPress Level Four Storefront Plugin <= 3.0 - SQL Injection
This plugin is prone to levelfourstorefront/getsortmanufacturers.php id parameter SQL injection vulnerability. Solution Update plugin...
Wordpress Level Four Storefront Plugin SQL Injection Vulnerability
This host is installed with Wordpress Level Four Storefront Plugin and is prone to sql injection vulnerability. OpenVAS Vulnerability Test $Id: gbwordpresslevelfourstorefrontsqlinjvuln.nasl 6115 2017-05-12 09:03:25Z teissa $ Wordpress Level Four Storefront Plugin SQL Injection Vulnerability...
WordPress Level Four Storefront Plugin SQL Injection Vulnerability
WordPress Level Four Storefront Plugin is prone to an SQL injection SQLi vulnerability. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
WordPress Level Four Storefront SQL Injection
Exploit Title: wordpress plugin v3 level four storefront SQL injection Vulnerability Exploit Author: Ashiyane Digital Security Team Home : www.Ashiyane.org Vendor Homepage: www.clubhousenairn.co.uk Software Link: www.levelfourstorefront.com version:3 Tested on: Windows 7 Dork:...
Ruby vulnerability caused by a problem with the alias function so that safe level 4 does not function as a sandbox
Overview Safe levels exist as a part of the Ruby language security model, in order to limit the operation of untrusted objects. Ruby contains a vulnerability which may allow an attacker to bypass the safe level restrictions and execute normally inaccessible methods, due to a problem in Ruby's ali...