14 matches found
CVE-2026-8115
CVE-2026-8115 affects gyoridavid short-video-maker (up to v1.3.4). The vulnerability is in the REST API component, specifically the file path src/server/routers/rest.ts. An input manipulation of req.params.tmpFile enables path traversal, with remote exploitation possible. Public exploit exists. T...
CVE-2026-31518 affecting package kernel for versions less than 6.6.134.1-2
CVE-2026-31518 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...
CVE-2026-31444 affecting package kernel for versions less than 6.6.134.1-2
CVE-2026-31444 affecting package kernel for versions less than 6.6.134.1-2. An upgraded version of the package is available that resolves this issue...
Important: Red Hat Security Advisory: RHTAS 1.3.4 - Red Hat Trusted Artifact Signer Release
The 1.3.4 release of Red Hat Trusted Artifact Signer OpenShift Operator. For more details please visit the product documentation at https://access.redhat.com/documentation/en-us/redhattrustedartifactsigner/1.3 The RHTAS Operator can be used with OpenShift Container Platform 4.16, 4.17, 4.18, 4.19...
EUVD-2026-1340
The Latest Registered Users plugin for WordPress is vulnerable to unauthorized user data export in all versions up to, and including, 1.4. This is due to missing authorization and nonce validation in the rndhandleformsubmit function hooked to both adminpostmysimpleform and...
WordPress plugin Custom WooCommerce Checkout Fields Editor Cross-Site Request Forgery Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A cross-site request forgery vulnerability...
openjdk: Improve scripting supports (Oracle CPU 2025-07)
Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component: Scripting. Supported versions that are affected are Oracle Java SE: 8u451, 8u451-perf and 11.0.27; Oracle GraalVM Enterprise Edition: 21.3.14. Difficult to exploit vulnerability allows...
EasyVirt DC Scope and EasyVirt CO2 Scope SQL Injection Vulnerability
EasyVirt DC Scope and EasyVirt CO2 Scope are both products of EasyVirt France. EasyVirt DC Scope is a monitoring and management solution for VMware Virtualization VMware. EasyVirt CO2 Scope is a real-time monitoring and control solution of CO2 emissions of IT services, virtual machines and servers ...
CVE-2022-2975
A vulnerability related to weak permissions was detected in Avaya Aura Application Enablement Services web application, allowing an administrative user to modify accounts leading to execution of arbitrary code as the root user. This issue affects Application Enablement Services versions 8.0.0.0...
TOTOLINK A3700R Buffer Error Vulnerability
The TOTOLINK A3700R is a wireless router from China's Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A3700R version V9.1.2u.6134B20201202, which stems from a stack overflow in the command parameter of the setTracerouteCfg method...
CVE-2022-1343
creationtimestamp | type | source
---|---|---
2022-05-03 20:34:04+00:00 | seen | https://t.me/cibsecurity/41832...
DEBIAN-CVE-2022-21664
WordPress is a free and open-source content management system written in PHP and paired with a MariaDB database. Due to lack of proper sanitization in one of the classes, there's potential for unintended SQL queries to be executed. This has been patched in WordPress version 5.8.3. Older affected...
OPENSUSE-SU-2021:1426-1 Security update for dnsmasq
This update for dnsmasq fixes the following issues: Update to version 2.86 - CVE-2021-3448: fixed outgoing port used when --server is used with an interface name. bsc1183709 - CVE-2020-14312: Set --local-service by default bsc1173646. - Open inotify socket only when used bsc1180914. This update w...
CVE-2001-0134
Buffer overflow in cpqlogin.htm in web-enabled agents for various Compaq management software products such as Insight Manager and Management Agents allows remote attackers to execute arbitrary commands via a long user name...