234 matches found
PT-2026-23190
Name of the Vulnerable Software and Affected Versions ThemeREX Alliance alliance versions through 3.1.1 Description The software contains a flaw related to improper control of filename handling for include/require statements, specifically a PHP Local File Inclusion issue. This allows for the...
PT-2026-23338
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Dixon dixon allows PHP Local File Inclusion.This issue affects Dixon: from n/a through = 1.4.2.1...
PT-2026-23340
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX S.King stephanie-king allows PHP Local File Inclusion.This issue affects S.King: from n/a through = 1.5.3...
PT-2026-23300
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Global Logistics globallogistics allows PHP Local File Inclusion.This issue affects Global Logistics: from n/a through = 3.20...
PT-2026-23360
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Mahogany mahogany allows PHP Local File Inclusion.This issue affects Mahogany: from n/a through = 2.9...
NULL Pointer Dereference
Overview Affected versions of this package are vulnerable to NULL Pointer Dereference via the sqstdrexnewnode function in sqstdlib/sqstdrex.cpp. An attacker can cause a denial of service by triggering a null pointer dereference through local manipulation. Remediation There is no fixed version for...
CVE-2026-3389
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstdrexnewnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and m...
UBUNTU-CVE-2026-3389
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstdrexnewnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and m...
CVE-2026-3389
A vulnerability was determined in Squirrel up to 3.2. This vulnerability affects the function sqstdrexnewnode in the library sqstdlib/sqstdrex.cpp. Executing a manipulation can lead to null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and m...
CVE-2025-69405
Deserialization of Untrusted Data vulnerability in ThemeREX Lorem Ipsum | Books & Media Store lorem-ipsum-books-media-store allows Object Injection.This issue affects Lorem Ipsum | Books & Media Store: from n/a through = 1.2.11...
CVE-2025-69405
Deserialization of Untrusted Data vulnerability in ThemeREX Lorem Ipsum | Books & Media Store lorem-ipsum-books-media-store allows Object Injection.This issue affects Lorem Ipsum | Books & Media Store: from n/a through = 1.2.11...
CVE-2025-69402
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX R&F rf allows PHP Local File Inclusion.This issue affects R&F: from n/a through = 1.5...
CVE-2025-69396
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Splendour splendour allows PHP Local File Inclusion.This issue affects Splendour: from n/a through = 1.23...
CVE-2025-69395
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Gable gable allows PHP Local File Inclusion.This issue affects Gable: from n/a through = 1.5...
CVE-2025-69397
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Tint tint allows PHP Local File Inclusion.This issue affects Tint: from n/a through = 1.7...
@agentuity/evals (>=0.0.104 <=2.0.23), @agentuity/hono (>=3.0.0-alpha.0 <=3.0.0-beta.4) +347 more potentially affected by CVE-2026-26280 via systeminformation (>=5.0.6 <=5.30.7)
systeminformation NPM version =5.0.6, =0.0.104, =3.0.0-alpha.0, =0.0.6, =0.0.63, =0.0.2, =3.0.0-alpha.0, =0.1.1, =0.1.1, =4.1.0, =4.0.0-devnet.2-patch.0, =0.0.1-2.1-beta-provision, =0.0.0-test.0, =0.0.0-test.0, =0.0.0-test.0, =5.0.0-private.20260319 and more Source cves: CVE-2026-26280 Source...
PT-2026-4165
Deserialization of Untrusted Data vulnerability in ThemeREX Sound | Musical Instruments Online Store musicplace allows Object Injection.This issue affects Sound | Musical Instruments Online Store: from n/a through = 1.6.9...
CVE-2025-69081
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in ThemeREX Hope charity-is-hope allows PHP Local File Inclusion.This issue affects Hope: from n/a through = 3.0.0...
EUVD-2001-1497
Malware in sbrugna...
EUVD-2001-0987
Malware in sbrugna...