CVE-2026-39829 affecting package cf-cli for versions less than 8.7.11-6

CVE-2026-39829 affecting package cf-cli for versions less than 8.7.11-6. A patched version of the package is available...

CVE-2026-22727 Cloud Foundry unprotected internal endpoints

Unprotected internal endpoints in Cloud Foundry Capi Release 1.226.0 and below, and CF Deployment v54.9.0 and below on all platforms allows any user who has bypassed the firewall to potentially replace droplets and therefore applications allowing them to access secure application information...

CVE-2026-25378 WordPress Nelio AB Testing plugin <= 8.2.4 - SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Blind SQL Injection.This issue affects Nelio AB Testing: from n/a through = 8.2.4...

WordPress Quran Gateway plugin <= 1.5 - Cross-Site Request Forgery to Settings Update vulnerability

Cross-Site Request Forgery to Settings Update vulnerability discovered by Muhammad Nur Ibnu Hubab Ibnu - Pondok Teknologi in WordPress Plugin Quran Gateway versions = 1.5...

WordPress Plugin A/B Image Optimizer Plugin <= 3.3 - Arbitrary File Download vulnerability

Arbitrary File Download vulnerability discovered by LVT-tholv2k in WordPress Plugin Plugin A/B Image Optimizer versions = 3.3...

PT-2025-1746 · Nj-Series +1 · Nj Series +1

Name of the Vulnerable Software and Affected Versions: Machine Automation Controller NJ-series version 1.64.05 and lower Description: Path Traversal vulnerabilities exist in NJ/NX-series Machine Automation Controllers, allowing an attacker to perform unauthorized access and execute unauthorized...

WordPress Houzez CRM plugin <= 1.4.3 - Arbitrary File Deletion vulnerability

Arbitrary File Deletion vulnerability discovered by Kursat Cetin in WordPress Plugin Houzez CRM versions = 1.4.3...

PT-2023-23818 · Dell · Dell Smartfabric Storage

Name of the Vulnerable Software and Affected Versions: Dell SmartFabric Storage Software versions 1.3 and lower Description: The issue is related to an improper input validation vulnerability, allowing a remote unauthenticated attacker to exploit it and escalate privileges up to the highest...

AZL-25813 CVE-2022-4899 affecting package zstd for versions less than 1.5.4-1

A vulnerability was found in zstd v1.4.10, where an attacker can supply empty string as an argument to the command line tool to cause buffer overrun...

AZL-13303 CVE-2023-25193 affecting package harfbuzz for versions less than 3.4.0-3

hb-ot-layout-gsubgpos.hh in HarfBuzz through 6.0.0 allows attackers to trigger On^2 growth via consecutive marks during the process of looking back for base glyphs when attaching marks...

AZL-13291 CVE-2023-25012 affecting package kernel for versions less than 5.15.107.1-2

The Linux kernel through 6.1.9 has a Use-After-Free in bigbenremove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long...

SoftwareDEP Classified Script SQL Injection Vulnerability

Exploit for php platform in category web applications / / / \ \ \ \ \ / / \\ \ \ \ \ // /// \ \ / / \ //|\ / \ \ \ \ \ \ / / \ \ / / \ | | | \ | | || | | |/ / \ V / || |\ V / / \ | / \ | /| | | || / | | | | . | ' || / | || // \ // \|||/|||||||||\ .WEB.ID...