4285 matches found
CVE-2026-25335 WordPress Secure Copy Content Protection and Content Locking plugin <= 5.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through = 5.0.0...
CVE-2026-25335
Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through = 5.0.0...
CVE-2026-25335 WordPress Secure Copy Content Protection and Content Locking plugin <= 5.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through = 5.0.0...
SUSE CVE-2026-23227
In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx-lock to protect struct vidicontext member variables related to memory alloc/free Exynos Virtual Display driver performs memory alloc/free operations without lock protection, which easily causes concurren...
WordPress plugin Secure Copy Content Protection and Content Locking 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
PT-2026-20702
Missing Authorization vulnerability in Ays Pro Secure Copy Content Protection and Content Locking secure-copy-content-protection allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Secure Copy Content Protection and Content Locking: from n/a through = 5.0.0...
Siemens SIMATIC S7-1500 Improper Locking (CVE-2025-39773)
In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix soft lockup in brmulticastqueryexpired When set multicastqueryinterval to a large value, the local variable 'time' in brmulticastsendquery may overflow. If the time is smaller than jiffies, the timer will expire...
CVE-2025-71221
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmppdma: Fix race condition in mmppdmaresidue Add proper locking in mmppdmaresidue to prevent use-after-free when accessing descriptor list and descriptor contents. The race occurs when multiple threads call txstatus...
CVE-2026-23186 hwmon: (acpi_power_meter) Fix deadlocks related to acpi_power_meter_notify()
In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fix deadlocks related to acpipowermeternotify The acpipowermeter driver's .notify callback function, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks in sysfs...
CVE-2025-71221
In the Linux kernel, the following vulnerability has been resolved: dmaengine: mmppdma: Fix race condition in mmppdmaresidue Add proper locking in mmppdmaresidue to prevent use-after-free when accessing descriptor list and descriptor contents. The race occurs when multiple threads call txstatus...
CVE-2025-71221
CVE-2025-71221: The Linux kernel mmp_pdma driver contained a race in mmp_pdma_residue() that could cause use-after-free when descriptors are freed while tx_status() iterates the descriptor list. The race occurs as CPU0 unwinds the descriptor list without proper locking while CPU1's tasklet can fr...
UBUNTU-CVE-2026-23165
In the Linux kernel, the following vulnerability has been resolved: sfc: fix deadlock in RSS config read Since cited commit, core locks the netdevice's rsslock when handling ethtool -x command, so driver's implementation should not lock it again. Remove the latter...
CVE-2026-23153 firewire: core: fix race condition against transaction list
In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix race condition against transaction list The list of transaction is enumerated without acquiring card lock when processing AR response event. This causes a race condition bug when processing AT request completi...
PT-2026-8148
In the Linux kernel, the following vulnerability has been resolved: firewire: core: fix race condition against transaction list The list of transaction is enumerated without acquiring card lock when processing AR response event. This causes a race condition bug when processing AT request completi...
CVE-2026-1320
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and output escaping. This makes it possible for...
Oracle VirtualBox VMSVGA Race Condition Local Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VMSVGA...
CVE-2026-1320 Secure Copy Content Protection and Content Locking <= 4.9.8 - Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For Header
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-1320 Secure Copy Content Protection and Content Locking <= 4.9.8 - Unauthenticated Stored Cross-Site Scripting via X-Forwarded-For Header
The Secure Copy Content Protection and Content Locking plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'X-Forwarded-For' HTTP header in all versions up to, and including, 4.9.8 due to insufficient input sanitization and output escaping. This makes it possible for...
SUSE-SU-2026:0472-1 Security update for the Linux Kernel
The SUSE Linux Enterprise 15 SP7 Azure kernel was updated to fix various security issues The following security issues were fixed: - CVE-2023-54013: interconnect: Fix locking for runpm vs reclaim bsc1256280. - CVE-2025-39880: libceph: fix invalid accesses to cephconnectionv1info bsc1250388. -...
WordPress plugin Secure Copy Content Protection and Content Locking 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...