10761 matches found
CVE-2026-3881
The Vulnerability: WordPress Performance Monitor plugin versions
CVE-2026-3881
The Performance Monitor WordPress plugin through 1.0.6 does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attacks...
CVE-2026-3881 Performance Monitor <= 1.0.6 - Unauthenticated Blind SSRF
The Performance Monitor WordPress plugin through 1.0.6 does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attacks...
PT-2026-29198
The Performance Monitor WordPress plugin through 1.0.6 does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attacks...
WordPress plugin Performance Monitor 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
UBUNTU-CVE-2026-21717
A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...
CVE-2026-21717
A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...
CVE-2026-21717
CVE-2026-21717 affects multiple Node.js releases (nodejs20, nodejs22, nodejs24, nodejs25) with the root cause in V8 string hashing causing integer-like strings to hash to their numeric value, enabling hash collisions that can degrade Node.js process performance. Public details show nodejs24 is af...
CVE-2026-21717
A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...
CVE-2026-21717
A flaw in V8's string hashing mechanism causes integer-like strings to be hashed to their numeric value, making hash collisions trivially predictable. By crafting a request that causes many such collisions in V8's internal string table, an attacker can significantly degrade performance of the...
EUVD-2026-17071
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation...
CVE-2026-4416
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation...
CVE-2026-4416 GIGABYTE|Performance Library - Insecure Deserialization
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation...
CVE-2026-4416 GIGABYTE|Performance Library - Insecure Deserialization
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation...
CVE-2026-4416
The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation...
CVE-2026-4416
The CVE-2026-4416 entry concerns Gigabyte Control Center’s Performance Library, where an Insecure Deserialization vulnerability in the EasyTune Engine service allows authenticated local attackers to send a crafted serialized payload and achieve privilege escalation. The NVD/NVD-derived metrics in...
PT-2026-28807
Name of the Vulnerable Software and Affected Versions Gigabyte Control Center versions affected versions not specified Description The Performance Library component of Gigabyte Control Center contains an issue where maliciously serialized data can be sent to the EasyTune Engine service. An...
GIGABYTE Control Center 代码问题漏洞
GIGABYTE Control Center is an open-source hardware management and system tuning tool developed by GIGABYTE of Taiwan, China. GIGABYTE Control Center has a code vulnerability that stems from insecure deserialization in the Performance Library component. This vulnerability could allow authenticated...
Exploit for Inefficient Regular Expression Complexity in Ua-Parser-Js_Project Ua-Parser-Js
No d...
[SECURITY] Fedora 43 Update: uv-0.10.12-1.fc43
An extremely fast Python package and project manager, written in Rust. Highlights: =E2=80=A2 A single tool to replace pip, pip-tools, pipx, poetry, pyenv, twi ne, virtualenv, and more. =E2=80=A2 10-100x faster than pip. =E2=80=A2 Provides comprehensive project management, with a universal lockf...