407 matches found
CVE-2026-42670
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
EUVD-2026-33908
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
CVE-2026-42670
CVE-2026-42670 concerns the WordPress plugin for Five Star Restaurant Reservations (versions
CVE-2026-42670 WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
CVE-2026-42670 WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
CVE-2026-42670
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
PT-2026-45734
Missing Authorization vulnerability in Etoile Web Design Incorporated Five Star Restaurant Reservations allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Five Star Restaurant Reservations: from n/a through 2.7.14...
Scammers Are Using Your Real Hotel Reservations to Trick You With Spear-Phishing Attacks
Customer data from more than 350 hotels around the world may have been accessed as part of realistic reservation-hijacking scams...
SUSE CVE-2026-43286
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 "mm: hugetlb: fix incorrect fallback for subpool" fixed an underflow error for hstate-resvhugepages caused by incorrectly attributing globally requeste...
WordPress Five Star Restaurant Reservations plugin <= 2.7.14 - Payment Bypass vulnerability
Payment Bypass vulnerability discovered by Evan in WordPress Plugin Five Star Restaurant Reservations versions = 2.7.14...
CVE-2026-43286 mm/hugetlb: restore failed global reservations to subpool
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 "mm: hugetlb: fix incorrect fallback for subpool" fixed an underflow error for hstate-resvhugepages caused by incorrectly attributing globally requeste...
CVE-2026-43286
The CVE-2026-43286 entry is resolved in the Linux kernel’s hugetlb subsystem (mm/hugetlb). A fix for an underflow in hstate->resv_huge_pages was introduced by commit a833a693a490 to correct fallback behavior for subpools, but it created a new issue where the subpool’s used_hpages could remain ...
CVE-2026-43286
In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: restore failed global reservations to subpool Commit a833a693a490 "mm: hugetlb: fix incorrect fallback for subpool" fixed an underflow error for hstate-resvhugepages caused by incorrectly attributing globally requeste...
PT-2026-38928
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the hugetlb memory management where failed global reservations are not correctly restored to the subpool. Specifically, when globally requested pages cannot be acquire...
WordPress plugin Appointment Booking Calendar 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There ar...
Security Bulletin: Vulnerability in node-tar affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.
Summary Potential vulnerability in node-tar has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information...
Astra Linux - уязвимость в linux-5.15
In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 "btrfs: clear extent buffer uptodate when we fail to write it" and its followup fix, commit...
Astra Linux - уязвимость в linux, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: btrfs: don't free qgroup space unless specified Boris noticed in his simple quotas testing that he was getting a leak with Sweet Tea's change to subvol create that stopped doing a transaction commit. This was just a side effect o...
WordPress plugin Booking for Appointments and Events Calendar – Amelia 授权问题漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
CVE-2026-6498
The Five Star Restaurant Reservations plugin for WordPress is vulnerable to a payment bypass via PHP type juggling in versions up to, and including, 2.7.16 This is due to the validpayment function using a PHP loose comparison == between the attacker-controlled paymentid POST parameter and the...