4986 matches found
CVE-2024-34268
CVE-2024-34268 affects the EQ-3 Eqiva CC-RT-BLE Bluetooth Smart Radiator Thermostat. The issue is that firmware up to 1.46 allows unsecured Bluetooth connections, enabling attackers to gain full access to the device without authentication. The CVSS v3.1 metrics from the entry indicate: AV Adjacen...
CVE-2026-47470
NVIDIA TensorRT-LLM for any platform contains a vulnerability in the gRPC server chat API endpoint, where an attacker could cause CWE-20 by local attack. A successful exploit of this vulnerability might lead to denial of service...
CVE-2026-57744
Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57743
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57745
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57744 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57743
CVE-2026-57743 describes animproper control of the filename for include/require in the PHP program, enabling a PHP Local File Inclusion vulnerability in the WordPress plugin set RT-Theme 18 | Extensions (rt18-extensions). Affected: RT-Theme 18 Extensions versions up to and including 2.5. The issu...
CVE-2026-57745 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57744
The CVE-2026-57744 entry describes a PHP Object Injection vulnerability in the WordPress plugin RT-Theme 18 Extensions, affected versions up to and including 2.5. The root cause is Deserialization of Untrusted Data, enabling object injection. Impact is rated high (CVSS 3.1: 9.8, Confidentiality/I...
CVE-2026-57743 WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Local File Inclusion vulnerability
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows PHP Local File Inclusion.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
CVE-2026-57745
CVE-2026-57745 concerns a Reflected Cross-Site Scripting vulnerability in the WordPress RT-Theme 18 Extensions (rt18-extensions) plugin, affecting version <= 2.5. The issue is described as improper neutralization of input during web page generation, enabling reflected XSS. Affected product/com...
PT-2026-57772
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Reflected XSS.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
PT-2026-57771
Deserialization of Untrusted Data vulnerability in stmcan RT-Theme 18 | Extensions rt18-extensions allows Object Injection.This issue affects RT-Theme 18 | Extensions: from n/a through = 2.5...
SUSE-SU-2026:2858-1 Security update for the Linux Kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.31 fixes various security issues The following security issues were fixed: - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. - CVE-2026-31505: iavf: fix out-of-bounds writes in iavfgetethtoolstats...
SUSE-SU-2026:2857-1 Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: - CVE-2025-71089: iommu: disable SVA when CONFIGX86 is set bsc1256615. - CVE-2026-23393: bridge: cfm: Fix race condition in peermep deletion bsc1260524. -...
WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Local File Inclusion vulnerability
Local File Inclusion vulnerability discovered by Bonds in WordPress Plugin RT-Theme 18 | Extensions versions = 2.5...
WordPress RT-Theme 18 | Extensions plugin <= 2.5 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Bonds in WordPress Plugin RT-Theme 18 | Extensions versions = 2.5...
WordPress RT-Theme 18 | Extensions plugin <= 2.5 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by Bonds in WordPress Plugin RT-Theme 18 | Extensions versions = 2.5...
CVE-2026-14629
A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...
CVE-2026-14629 RT-Thread Parameter lwp_syscall.c sys_ioctl divide by zero
A flaw has been found in RT-Thread up to 5.2.2. Affected is the function read/write/sysioctl of the file components/lwp/lwpsyscall.c of the component Parameter Handler. Executing a manipulation can lead to divide by zero. The attack may be launched remotely. The exploit has been published and may...