CVE-2026-8938

The auto making JSON-LD plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the amJLcertification function. This makes it possible for unauthenticated attackers to update the plugin's...

CVE-2026-8938

The auto making JSON-LD plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.5.3. This is due to missing or incorrect nonce validation on the amJLcertification function. This makes it possible for unauthenticated attackers to update the plugin's...

Update 27.6 for Microsoft Dynamics 365 Business Central 2025 Release Wave 2 (Application Build 27.6.48260, Platform Build 27.0.48102)

Update 27.6 for Microsoft Dynamics 365 Business Central 2025 Release Wave 2 Application Build 27.6.48260, Platform Build 27.0.48102 Overview This update replaces previously released updates. You should always install the latest update.After you install this hotfix, you might have to update your...

MiracleLinux 3 : acpid-1.0.4-9.1.1AXS3 (AXSA:2009-429:03)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-429:03 advisory. acpid is a daemon that dispatches ACPI events to user-space programs. Security issues fixed with this release: CVE-2009-4033 No information available at the...

CVE-2025-13657

The HelpDesk contact form plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.5. This is due to missing or incorrect nonce validation on the handlequeryargs function. This makes it possible for unauthenticated attackers to update the plugin's...

CVE-2021-24244

An AJAX action registered by the WPBakery Page Builder Visual Composer Clipboard WordPress plugin before 4.5.8 did not have capability checks, allowing low privilege users, such as subscribers, to update the license options key, email...

CVE-2025-46545

In Sherpa Orchestrator 141851, the functionality for adding or updating licenses allows for stored XSS attacks by an administrator through the name parameter. The XSS payload can execute when the license expires...

CVE-2025-46545

CVE-2025-46545 affects Sherpa Orchestrator v141851. The issue allows stored cross-site scripting via the name parameter when adding or updating licenses, with the payload executing upon license expiration. Evidence across multiple sources confirms the vulnerability and affected component (license...

Digital China Networks多款产品 安全漏洞

Digital China Networks DCME-520 DCN DCME-520 and others are products of Digital China Networks China.Digital China Networks DCME-520 is a new generation of high-performance security gateway with multi-core high performance. Digital China Networks DCME-320 DCN DCME-320 is a wireless router.Digital...

CVE-2024-52777

DCME-320 =7.4.12.90, DCME-520 =9.25.5.11, DCME-320-L, =9.3.5.26, and DCME-720 =9.1.5.11 are vulnerable to Remote Code Execution via /function/system/basic/licenseupdate.php...

Repeat Email Notification: "License update interrupted: Paid license is not installed."

Challenge After installing or upgrading to Veeam Backup for Microsoft 365 version 8 using Community Edition or an NFR Not-For-Resale license, email notifications are sent daily that state that state: Veeam Backup for Microsoft 365 Failed to update license License updated interrupted: Paid license...

Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1971 Microsoft Windows CLIPSP.SYS License Update Field Type 0xCC out-of-bounds read vulnerability August 13, 2024 CVE Number None SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0xCC functionality of Microsoft Windows...

Microsoft CLIPSP.SYS License update out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1965 Microsoft CLIPSP.SYS License update out-of-bounds read vulnerability August 13, 2024 CVE Number CVE-2024-38185 SUMMARY Multiple out-of-bounds read vulnerabilities exists in the License update functionality of Microsoft CLIPSP.SYS 10.0.22621 Build 22621,...

Microsoft Windows CLIPSP.SYS License Update Field Type 0x20 out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1969 Microsoft Windows CLIPSP.SYS License Update Field Type 0x20 out-of-bounds read vulnerability August 13, 2024 CVE Number CVE-2024-38187 SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0x20 functionality of Microsoft...

Microsoft CLIPSP.SYS License Update out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1988 Microsoft CLIPSP.SYS License Update out-of-bounds read vulnerability August 13, 2024 CVE Number None SUMMARY An out-of-bounds read vulnerability exists in the License Update functionality of Microsoft CLIPSP.SYS 10.0.22621 Build 22621. A specially crafte...

Microsoft CLIPSP.SYS License update privilege escalation vulnerability

Talos Vulnerability Report TALOS-2024-1966 Microsoft CLIPSP.SYS License update privilege escalation vulnerability August 13, 2024 CVE Number CVE-2024-38186 SUMMARY A privilege escalation vulnerability exists in the License update functionality of Microsoft CLIPSP.SYS 10.0.22621 Build 22621,...

Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1970 Microsoft Windows CLIPSP.SYS License Update Field Type 0xD3 out-of-bounds read vulnerability August 13, 2024 CVE Number None SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0xD3 functionality of Microsoft Windows...

Microsoft Windows CLIPSP.SYS License Update Field Type 0xC9 out-of-bounds read vulnerability

Talos Vulnerability Report TALOS-2024-1968 Microsoft Windows CLIPSP.SYS License Update Field Type 0xC9 out-of-bounds read vulnerability August 13, 2024 CVE Number CVE-2024-38062 SUMMARY An out-of-bounds read vulnerability exists in the License Update Field Type 0xC9 functionality of Microsoft...

Microsoft CLIPSP.SYS License update signature check bypass vulnerability

Talos Vulnerability Report TALOS-2024-1964 Microsoft CLIPSP.SYS License update signature check bypass vulnerability August 13, 2024 CVE Number CVE-2024-38184 SUMMARY A signature check bypass vulnerability exists in the License update functionality of Microsoft CLIPSP.SYS 10.0.22621 Build 22621,...

Update 23.7 for Microsoft Dynamics 365 Business Central 2023 Release Wave 2 (Application Build 23.7.18957, Platform Build 23.0.18933)

Update 23.7 for Microsoft Dynamics 365 Business Central 2023 Release Wave 2 Application Build 23.7.18957, Platform Build 23.0.18933 Overview This update replaces previously released updates. You should always install the latest update. This update also fixes vulnerabilities. For more information,...