CVE-2026-48759

CVE-2026-48759 (TypeBot) affects TypeBot versions 3.15.2 and earlier. The vulnerability arises in cross-workspace theme template handling: the API handlers handleSaveThemeTemplate and handleDeleteThemeTemplate validate the user is a non-guest member of the given workspaceId, but the subsequent Pr...

WordPress Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin <= 1.6.10.6 - Unauthenticated Arbitrary Appointment View, Modification and Deletion vulnerability

Unauthenticated Arbitrary Appointment View, Modification and Deletion vulnerability discovered by Athiwat Tiprasaharn Jitlada in WordPress Plugin Simply Schedule Appointments versions = 1.6.10.6...

CVE-2026-7489 Sunnet｜CTMS - SQL Injection

CTMS developed by Sunnet has a SQL Injection vulnerability, allowing authenticated remote attackers to inject arbitrary SQL commands to read, modify, and delete database contents...

EUVD-2014-0079

Malware in sbrugna...

EUVD-2004-2460

Malware in sbrugna...

The vulnerability of the user interface of Trend Micro Air Support’s customer support system allows a hacker to gain access to read, modify, or delete data, execute arbitrary code, and increase their privileges.

The vulnerability of the user interface of Trend Micro Air Support’s customer support system lies in the loading of unreliable DLL libraries. Exploiting this vulnerability can allow attackers to gain access to read, modify, or delete data, execute arbitrary code, and increase their privileges...

PT-2022-23252 · Unknown · School Management System

Name of the Vulnerable Software and Affected Versions: School Management System version 1.0 Description: The issue allows remote attackers to modify or delete data, causing persistent changes to the application's content or behavior by using malicious SQL queries. Recommendations: For School...

The vulnerability of the Data Server database in the interactive graphical SCADA system allows a intruder to gain access to read, modify, or delete files.

The vulnerability of the Data Server database in the Interactive Graphical SCADA System IGSS is related to the absence of authentication procedures. Exploiting this vulnerability could allow a malicious actor to gain access to read, modify, or delete files by sending specially crafted messages...

PT-2020-2546

Name of the Vulnerable Software and Affected Versions Java SE versions 11.0.6 and 14 Description The issue is related to insufficient access control in the JSSE component of Java SE, allowing an unauthenticated attacker with network access via HTTPS to compromise Java SE. Successful attacks can...

Vulnerability of Microsoft Office software, which allows a malicious actor to compromise the confidentiality, integrity, and accessibility of protected information

A vulnerability that allows for remote execution of code exists in vulnerable components and is related to the processing of specially crafted font files. Exploiting this vulnerability enables remote execution of code, provided that the user opens a specially crafted file or webpage. Exploiting...