WordPress Element Pack Elementor Addons plugin <= 8.3.13 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Arif Shaikh in WordPress Plugin Element Pack Elementor Addons versions = 8.3.13...

CVE-2025-67822

A vulnerability in the Provisioning Manager component of Mitel MiVoice MX-ONE 7.3 7.3.0.0.50 through 7.8 SP1 7.8.1.0.14 could allow an unauthenticated attacker to conduct an authentication bypass attack due to improper authentication mechanisms. A successful exploit could allow an attacker to gai...

Mitel MiVoice MX-ONE security vulnerabilities

Mitel MiVoice MX-ONE is a comprehensive communication solution provided by the Canadian company Mitel. Versions 7.3 to 7.8 SP1 of Mitel MiVoice MX-ONE contain security vulnerabilities. These vulnerabilities stem from improper authentication mechanisms, which may allow for bypasses during...

Denial Of Service (DoS)

org.elasticsearch.plugin, x-pack-security is vulnerable to Denial of Service DoS. The vulnerability is due to the lack of limits or throttling on user settings data allocation, which allows a low-privileged authenticated attacker to submit oversized data and trigger excessive memory allocation...

MiracleLinux 3 : dbmail-2.2.5-1.8AXS3 (AXSA:2008-85:01)

The remote MiracleLinux 3 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2008-85:01 advisory. Description of problem: Dbmail is the name of a group of programs that enable the possibility of storing and retrieving mail messages from a database. DBMail...

comfy-pack (>=0.2.0 <=0.4.4) potentially affected by CVE-2026-22777 via comfy-cli (=1.7.3)

comfy-cli PYPI version =1.7.3 is affected by a known vulnerability. The following packages have a transitive dependency on comfy-cli and may be impacted: - comfy-pack =0.2.0, =0.4.4 Source cves: CVE-2026-22777 Source advisory: OSV:GHSA-562R-8445-54R2...

Description of the security update for SharePoint Server 2016: January 13, 2026 (KB5002828)

Description of the security update for SharePoint Server 2016: January 13, 2026 KB5002828 Summary Important: If you're currently running SharePoint Workflow Manager, you must install the SharePoint Workflow Manager KB5002799 to your farm before you install this cumulative update. If you're...

Description of the security update for SharePoint Server 2019 Language Pack: January 13, 2026 (KB5002823)

Description of the security update for SharePoint Server 2019 Language Pack: January 13, 2026 KB5002823 Summary Important: If you're running 2013-type workflows, you mustinstall the August 2025 update for SharePoint Workflow Manager to your farm before you install this cumulative update.​​​​​​​ I...

Description of the security update for SharePoint Server 2016 Language Pack: January 13, 2026 (KB5002827)

Description of the security update for SharePoint Server 2016 Language Pack: January 13, 2026 KB5002827 Summary Important: If you're running Microsoft SharePoint Server 2013-type workflows, you must install the August 2025 update for SharePoint Workflow Manager to your farm before you install thi...

Security Bulletin: Due to use of Apache Commons Text, IBM Operations Analytics - Log Analysis is affected by Remote Code Execution Attacks

Summary Apache Commons Text in Apache Solr is used by IBM Operations Analytics - Log Analysis as part of the string manipulation and interpolation. CVE-2025-46295. Vulnerability Details CVEID:CVE-2025-46295 DESCRIPTION: Apache Commons Text versions prior to 1.10.0 included interpolation features...

CVE-2021-33088

Incorrect default permissions in the installer for the IntelR NUC M15 Laptop Kit Integrated Sensor Hub driver pack before version 5.4.1.4449 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-0057

Uncontrolled search path in the IntelR NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2021-0058

Incorrect default permissions in the IntelR NUC M15 Laptop Kit Driver Pack software before updated version 1.1 may allow an authenticated user to potentially enable escalation of privilege via local access...

CVE-2019-18284

A vulnerability has been identified in SPPA-T3000 Application Server All versions Service Pack R8.2 SP2. The AdminService is available without authentication on the Application Server. An attacker can use methods exposed via this interface to receive password hashes of other users and to change...

CVE-2020-7205

A potential security vulnerability has been identified in HPE Intelligent Provisioning, Service Pack for ProLiant, and HPE Scripting ToolKit. The vulnerability could be locally exploited to allow arbitrary code execution during the boot process. Note: This vulnerability is related to using insmod...

CVE-2020-7135

A potential security vulnerability has been identified in the disk drive firmware installers named Supplemental Update / Online ROM Flash Component on HPE servers running Linux. The vulnerable software is included in the HPE Service Pack for ProLiant SPP releases 2018.06.0, 2018.09.0, and...

CVE-2023-50854

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Squirrly Squirrly SEO - Advanced Pack.This issue affects Squirrly SEO - Advanced Pack: from n/a before 2.4.02...

CVE-2023-45163

The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on the 1E Exchange does not properly validate the input parameter, which allows for a specially crafted input to perform arbitrary code execution with SYSTEM permissions. This instruction only runs on...

CVE-2025-23874

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in FalconTheme Team WP Block Pack wp-block-pack allows Reflected XSS.This issue affects WP Block Pack: from n/a through = 1.1.6...

CVE-2025-56424

An issue in Insiders Technologies GmbH e-invoice pro before release 1 Service Pack 2 allows a remote attacker to cause a denial of service via a crafted script...