34458 matches found
Heap-based Buffer Overflow
Overview Affected versions of this package are vulnerable to Heap-based Buffer Overflow in the processing of XCOFF object files. An attacker can execute unauthorized code or commands by convincing a user to process a specially crafted file. Remediation A fix was pushed into the master branch but...
Unity Linux 20.1050e Security Update: kernel (UTSA-2026-006676)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-006676 advisory. In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Don't dereference ACPI root object handle Since the commit referenced in the...
PT-2026-31067
Name of the Vulnerable Software and Affected Versions Everest Forms plugin for WordPress versions up to and including 3.4.3 Description The Everest Forms plugin for WordPress is susceptible to PHP Object Injection due to the unsafe deserialization of untrusted input from form entry metadata. The...
CVE-2026-35173
Chyrp Lite is an ultra-lightweight blogging engine. Prior to 2026.01, an IDOR / Mass Assignment issue exists in the Post model that allows authenticated users with post editing permissions Edit Post, Edit Draft, Edit Own Post, Edit Own Draft to modify posts they do not own and do not have...
CVE-2026-35209
defu is software that allows uers to assign default properties recursively. Prior to version 6.1.5, applications that pass unsanitized user input e.g. parsed JSON request bodies, database records, or config files from untrusted sources as the first argument to defu are vulnerable to prototype...
CVE-2026-35176
openFPGALoader is a utility for programming FPGAs. In 1.1.1 and earlier, a heap-buffer-overflow read vulnerability exists in POFParser::parseSection that allows out-of-bounds heap memory access when parsing a crafted .pof file. No FPGA hardware is required to trigger this vulnerability...
CVE-2026-34208
SandboxJS is a JavaScript sandboxing library. Prior to 0.8.36, SandboxJS blocks direct assignment to global objects for example Math.random = ..., but this protection can be bypassed through an exposed callable constructor path: this.constructor.calltarget, attackerObject. Because this.constructo...
EUVD-2026-19734
FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.212, the endpoint GET /thread/read/conversationid/threadid does not require authentication and does not validate whether the given threadid belongs to the given conversationid. This allows any...
grav-cms-filecache-object-injection
Grav CMS FileCache Object Injection Description The File...
Exploit for CVE-2026-5465
CVE-2026-5465: Privilege Escalation en Plugin Amelia WordPress...
Scale Smarter: A Practical Guide to Building with Akamai Object Storage
Akamai Object Storage provides high-performance, cost-effective Amazon S3–compatible object storage. Here's what it's used for and how to set it up...
WordPress CTX Feed plugin <= 6.6.26 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by daroo in WordPress Plugin CTX Feed versions = 6.6.26...
EUVD-2026-19580
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the UpdateProviderCommandHandler failing to validate changes to the externalId field when a Provider Employe...
CVE-2026-5465
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the UpdateProviderCommandHandler failing to validate changes to the externalId field when a Provider Employe...
CVE-2026-5465 Amelia <= 2.1.3 - Insecure Direct Object Reference to Authenticated (Employee+) Privilege Escalation via 'externalId' Parameter
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the UpdateProviderCommandHandler failing to validate changes to the externalId field when a Provider Employe...
CVE-2026-5465 Amelia <= 2.1.3 - Insecure Direct Object Reference to Authenticated (Employee+) Privilege Escalation via 'externalId' Parameter
The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 2.1.3. This is due to the UpdateProviderCommandHandler failing to validate changes to the externalId field when a Provider Employe...
CVE-2026-5465
Summary (technical): The Amelia Booking for Appointments and Events Calendar WordPress plugin (versions ≤ 2.1.3) is affected by an Insecure Direct Object Reference (IDOR) in the UpdateProviderCommandHandler. The handler does not validate ownership when a Provider (Employee) user updates their pro...
WordPress Amelia plugin <= 2.1.3 - Insecure Direct Object Reference to Authenticated (Employee+) Privilege Escalation via 'externalId' Parameter vulnerability
Insecure Direct Object Reference to Authenticated Employee+ Privilege Escalation via 'externalId' Parameter vulnerability discovered by Osvaldo Noe Gonzalez Del Rio Os - krei.dev | ogbuilders.io in WordPress Plugin Amelia versions = 2.1.3...
PT-2026-30828
A path traversal vulnerability exists in mintplex-labs/anything-llm versions up to and including 1.9.1, within the AgentFlows component. The vulnerability arises from improper handling of user input in the loadFlow and deleteFlow methods in server/utils/agentFlows/index.js. Specifically, the...
PT-2026-30799
Name of the Vulnerable Software and Affected Versions Amelia plugin for WordPress versions up to and including 2.1.3 Description The Booking for Appointments and Events Calendar – Amelia plugin for WordPress is susceptible to Insecure Direct Object Reference. The UpdateProviderCommandHandler does...