22 matches found
CVE-2026-7621 SMTP2GO for WordPress <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate
The SMTP2GO for WordPress – Email Made Easy plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 1.16.0. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers,...
CVE-2026-7621
The SMTP2GO for WordPress – Email Made Easy plugin (WordPress) is vulnerable in all versions up to 1.16.0 due to improper authorization checks. Authenticated users with subscriber-level access or higher can truncate SMTP log records or export sensitive log data (recipient/sender addresses, subjec...
WordPress SMTP2GO for WordPress – Email Made Easy plugin <= 1.16.0 - Missing Authorization to Authenticated (Subscriber+) Log Read/Truncate vulnerability
Missing Authorization to Authenticated Subscriber+ Log Read/Truncate vulnerability discovered by darkmode in WordPress Plugin SMTP2GO versions <= 1.16.0...
Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed an out-of-bounds access in r_page. When PAGE_SIZE is 64K, if log_read_rst calls read_log_page for the first time, the size of buffer will be equal to DefaultLogPageSize4K. However, for buffer operations like memcpy, if...
GHSA-PM44-X5X7-24C4 Apache Airflow Has an Authorization Bypass That Allows Unauthorized Task Log Access
Vulnerability Overview An authorization bypass vulnerability exists in Apache Airflow that allows authenticated users to access task execution logs without the required permissions. The Flaw The vulnerability affects environments using custom roles or granular permission settings. Normally, Airfl...
SUSE CVE-2022-50869
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if the...
EUVD-2022-55829
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if the...
CVE-2022-50869
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if the...
UBUNTU-CVE-2022-50869
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if the...
CVE-2022-50869 fs/ntfs3: Fix slab-out-of-bounds in r_page
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if the...
CVE-2022-50869
Summary: CVE-2022-50869 affects the Linux kernel, specifically the ntfs3 path, where under PAGE_SIZE of 64K a slab-out-of-bounds in r_page could occur during log_read_rst when read_log_page copies data into a buffer. The root cause described across connected records is an under-sized initial buff...
CVE-2022-50869 fs/ntfs3: Fix slab-out-of-bounds in r_page
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if the...
PT-2025-53987
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix slab-out-of-bounds in r_page When PAGE_SIZE is 64K, if read_log_page is called by log_read_rst for the first time, the size of buffer would be equal to DefaultLogPageSize4K. But for buffer operations like memcpy, if...
CVE-2024-10665 Yaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...
CVE-2024-10665 Yaad Sarig Payment Gateway For WC <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion
The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpayviewlogcallback and yaadpaydeletelogcallback functions in all versions up to, and including, 2.2.4. This makes it possible for...
WordPress Yaad Sarig Payment Gateway For WC plugin <= 2.2.4 - Missing Authorization to Authenticated (Subscriber+) Log Read/Deletion vulnerability
Missing Authorization to Authenticated Subscriber+ Log Read/Deletion vulnerability discovered by BrokenAC ignore in WordPress Plugin Yaad Sarig Payment Gateway For WC versions <= 2.2.4...
SUSE CVE-2024-43901
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 When users run the command: cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log The following NULL pointer dereference happens: +0.000003 BUG: kernel NULL pointer...
CVE-2024-43901 drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401
In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference for DTN log in DCN401 When users run the command: cat /sys/kernel/debug/dri/0/amdgpu_dm_dtn_log The following NULL pointer dereference happens: +0.000003 BUG: kernel NULL pointer...
CVE-2022-39040
aEnrich a+HRD log read function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...
CVE-2022-39040
aEnrich a+HRD log read function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and download arbitrary system files...