EUVD-2026-3146

The Team Section Block plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's block in all versions up to, and including, 2.0.0 due to insufficient input sanitization and output escaping on user-supplied social network link URLs. This makes it possible for authenticate...

UBUNTU-CVE-2024-46862

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-mtl-match: add missing empty item There is no linksnum in struct sndsocacpimach , and we test !link-numadr as a condition to end the loop in hdasdwmachineselect. So an empty item in struct...

XWiki Platform 跨站脚本漏洞

XWiki Platform is a suite of Wiki platforms from the XWiki Foundation in France for creating collaborative web applications. A security vulnerability exists in XWiki Platform versions prior to 14.6-rc-1, which stems from an HTML rendering that does not check for dangerous attributes/attribute...

The vulnerability of the SINEMA Remote Connect server’s software lies in insufficient access control checks, allowing attackers to gain access to system resources through certain URL addresses, bypassing the authentication mechanism.

The vulnerability of the SINEMA Remote Connect server software is related to insufficient verification of access rights. Exploiting this vulnerability could allow a malicious actor to gain access to system resources through certain URL addresses, bypassing the authentication mechanism...