CVE-2026-5200

The AcyMailing – An Ultimate Newsletter Plugin and Marketing Automation Solution for WordPress plugin for WordPress is vulnerable to Missing Authorization in versions up to, and including, 10.8.2. This is due to the plugin not properly verifying that a user is authorized to perform an action. Thi...

CVE-2026-26213

thingino-firmware versions up to the firmware-2026-03-16 release contains an unauthenticated os command injection vulnerability in the WiFi captive portal CGI script that allows remote attackers to execute arbitrary commands as root by injecting malicious code through unsanitized HTTP parameter...

CVE-2023-37833

Improper access control in Elenos ETG150 FM transmitter v3.12 allows attackers to make arbitrary configuration edits that are only accessed by privileged users...

Description of the security update for SharePoint Server Subscription Edition: October 11, 2022 (KB5002290)

Description of the security update for SharePoint Server Subscription Edition: October 11, 2022 KB5002290 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsof...

Description of the security update for SharePoint Foundation 2013: October 11, 2022 (KB5002284)

Description of the security update for SharePoint Foundation 2013: October 11, 2022 KB5002284 Summary This security update resolves a Microsoft SharePoint Server remote code execution vulnerability. To learn more about the vulnerability, see the following security advisories: Microsoft Common...

CVE-2021-25652

An information disclosure vulnerability was discovered in the directory and file management of Avaya Aura Appliance Virtualization Platform Utilities AVPU. This vulnerability may potentially allow any local user to access system functionality and configuration information that should only be...