PT-2026-1837

Name of the Vulnerable Software and Affected Versions Apache NimBLE versions through 1.8.0 Description A flaw exists in Apache NimBLE that allows authentication bypass through spoofing. Receiving a specially crafted Security Request can result in the removal of the original bond and re-bonding wi...

CVE-2025-12640

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Replacement in all versions up to, and including, 3.1.5. This is due to missing object-level authorization checks in the...

CVE-2025-12640

CVE-2025-12640 concerns the WordPress plugin Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager . According to Wordfence, versions up to 3.1.5 are affected by an unauthorized arbitrary media replacement vulnerability caused by missing object-level authorizati...

CVE-2025-12640 Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.1.5 - Missing Authorization to Authenticated (Author+) Media Replacement

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Replacement in all versions up to, and including, 3.1.5. This is due to missing object-level authorization checks in the...

CVE-2025-12640 Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager <= 3.1.5 - Missing Authorization to Authenticated (Author+) Media Replacement

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Replacement in all versions up to, and including, 3.1.5. This is due to missing object-level authorization checks in the...

EUVD-2026-1598

The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress is vulnerable to Unauthorized Arbitrary Media Replacement in all versions up to, and including, 3.1.5. This is due to missing object-level authorization checks in the...

PT-2026-1699

Name of the Vulnerable Software and Affected Versions The Folders – Unlimited Folders to Organize Media Library Folder, Pages, Posts, File Manager plugin for WordPress versions up to and including 3.1.5 Description The Folders plugin for WordPress is susceptible to unauthorized arbitrary media...

WordPress plugin Folders 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

WordPress Folders plugin <= 3.1.5 - Missing Authorization to Authenticated (Author+) Media Replacement vulnerability

Missing Authorization to Authenticated Author+ Media Replacement vulnerability discovered by Md. Moniruzzaman Prodhan NomanProdhan - Knight Squad in WordPress Plugin Folders versions = 3.1.5...

CVE-2024-2747

CWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could cause privilege escalation when a valid user replaces a trusted file name on the system and reboots the machine...

CVE-2020-36916 TDM Digital Signage PC Player 4.1.0.4 Privilege Escalation via Insecure Permissions

TDM Digital Signage PC Player 4.1.0.4 contains an elevation of privileges vulnerability that allows authenticated users to modify executable files. Attackers can leverage the 'Modify' permissions for authenticated users to replace executable files with malicious binaries and gain elevated system...

TDM Digital Signage PC Player 安全漏洞

TDM Digital Signage PC Player is a specialized playback terminal software from the Dutch company TDM Digital Signage. A security vulnerability exists in TDM Digital Signage PC Player version 4.1.0.4, which stems from an elevation of privilege vulnerability that could result in replacing executabl...

TOTOLINK EX200 firmware-upload error handling can activate an unauthenticated root telnet service

Overview A flaw in the firmware-upload error-handling logic of the TOTOLINK EX200 extender can cause the device to unintentionally start an unauthenticated root-level telnet service. This condition may allow a remote authenticated attacker to gain full system access. Description In the End-of-Lif...

Exploit for Use After Free in Apple Safari

CVE-2025-43529: JavaScriptCore DFG ObjectAllocationSinkingPhas...

[SECURITY] Fedora 42 Update: direwolf-1.8.1-1.fc42

Dire Wolf is a modern software replacement for the old 1980's style TNC built with special hardware. Without any additional software, it can perform as an APRS GPS Tracker, Digipeater, Internet Gateway IGate, APRStt gateway. It can also be used as a virtual TNC for other applications such as...

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

SUSE CVE-2022-50817

In the Linux kernel, the following vulnerability has been resolved: net: hsr: avoid possible NULL deref in skbclone syzbot got a crash 1 in skbclone, caused by a bug in hsrgetuntaggedframe. When/if createstrippedskbhsr returns NULL, we must not attempt to call skbclone. While we are at it, replac...

SUSE CVE-2022-50860

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in allocns After changes in commit a1bd627b46d1 "apparmor: share profile name on replacement", the hname member of struct aapolicy is not valid slab object, but a subset of that, it can not be freed by...

SUSE CVE-2023-54282

In the Linux kernel, the following vulnerability has been resolved: media: tuners: qt1010: replace BUGON with a regular error BUGON is unnecessary here, and in addition it confuses smatch. Replacing this with an error return help resolve this smatch warning: drivers/media/tuners/qt1010.c:350...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-992980)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-992980 advisory. In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing...