CVE-2026-5075 All in One SEO <= 4.9.7 - Authenticated (Contributor+) Sensitive Information Exposure via 'internalOptions' Localized Script Data

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wplocalizescript in post editor contexts without effective masking for...

PT-2026-42103

The All in One SEO plugin for WordPress is vulnerable to Sensitive Information Exposure via 'internalOptions' localized script data in versions up to, and including, 4.9.7 due to sensitive internal option data being passed to wp localize script in post editor contexts without effective masking fo...

CVE-2026-40098

Magento Long Term Support LTS is an unofficial, community-driven project provides an alternative to the Magento Community Edition e-commerce platform with a high level of backward compatibility. Prior to version 20.17.0, the shared wishlist add-to-cart endpoint authorizes access with a public...

CVE-2026-1935 Company Posts for LinkedIn <= 1.0.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary LinkedIn Post Data Deletion

The Company Posts for LinkedIn plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.0. This is due to a missing capability check on the linkedincompanypostresethandler function hooked to adminpostresetlinkedincompanypost. This makes it possible for...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-000997)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000997 advisory. The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and...

SUSE CVE-2016-2848

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record...

SUSE CVE-2016-3841

The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...

Denial Of Service (DoS)

bind is vulnerable to denial of service DoS attacks. The vulnerability exists as ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record...

Design/Logic Flaw

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record...

CVE-2016-2848

ISC BIND 9.1.0 through 9.8.4-P2 and 9.9.0 through 9.9.2-P2 allows remote attackers to cause a denial of service assertion failure and daemon exit via malformed options data in an OPT resource record...

CVE-2016-2848

ISC BIND vulnerability CVE-2016-2848 affects BIND 9.1.0–9.8.4-P2 and 9.9.0–9.9.2-P2, allowing remote attackers to cause a denial of service (assertion failure and daemon exit) by sending malformed options data in an OPT resource record. Exploitation is via specially crafted DNS packets; impact is...

DEBIAN-CVE-2016-3841

The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...

CVE-2016-3841

The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...

CVE-2016-3841

The IPv6 stack in the Linux kernel before 4.3.3 mishandles options data, which allows local users to gain privileges or cause a denial of service use-after-free and system crash via a crafted sendmsg system call...

WP Comment Remix 1.4.3 Remote SQL Injection Exploit

Exploit for unknown platform in category web applications =================================================== WP Comment Remix 1.4.3 Remote SQL Injection Exploit =================================================== \n"; print "\n : Hostname or IP Address"; print "\n : Path to WordPress Defaults to...