CVE-2026-24546

Missing Authorization vulnerability in Ruben Garcia GamiPress allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects GamiPress: from n/a through 7.6.3...

Fortinet FortiOS 缓冲区错误漏洞

Fortinet FortiOS is a security operating system developed by Fortinet Corporation, specifically for use on the FortiGate network security platform. This system provides users with various security features, including firewalls, antivirus protection, IPSec/SSLVPN, web content filtering, and...

Fortinet FortiSOAR PaaS和Fortinet FortiSOAR on-premise 授权问题漏洞

Fortinet FortiSOAR PaaS and Fortinet FortiSOAR on-premise are security orchestration, automation, and response software developed by the American company Fortinet. There are authorization-related vulnerabilities in Fortinet FortiSOAR PaaS and FortiSOAR on-premise. These vulnerabilities stem from...

River Past Video Cleaner 缓冲区错误漏洞

River Past Video Cleaner is a software tool developed by River Past Corporation, designed for batch conversion and repair of video formats and timestamps. Version 7.6.3 of River Past Video Cleaner contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the...

CVE-2026-25464

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in TieLabs Jannah jannah allows PHP Local File Inclusion.This issue affects Jannah: from n/a through = 7.6.4...

PT-2026-27958

Name of the Vulnerable Software and Affected Versions TieLabs Jannah versions through 7.6.3 Description The software contains an improper control of filename handling for include/require statements, leading to a PHP Local File Inclusion issue. This allows for the inclusion of local PHP files...

WordPress Jannah theme <= 7.6.3 - Local File Inclusion vulnerability

Local File Inclusion vulnerability discovered by Ananda Dhakal Patchstack in WordPress Theme Jannah versions = 7.6.3...

Odin Secure FTP Expert 安全漏洞

Odin Secure FTP Expert is an FTP client software developed by Odin Secure Corporation. Version 7.6.3 of Odin Secure FTP Expert contains a security vulnerability, which stems from improper handling of site information fields, potentially leading to application crashes...

CVE-2025-58744 Hard-Coded Default Credentials Enable Document Archive Decryption in Milner ImageDirector Capture

Use of Default Credentials, Hard-coded Credentials vulnerability in C2SGlobalSettings.dll in Milner ImageDirector Capture on Windows allows decryption of document archive files using credentials decrypted with hard-coded application encryption key. This issue affects ImageDirector Capture: from...

Fortinet FortiExtender 操作系统命令注入漏洞

Fortinet FortiExtender is a wireless WAN wide area network extender device from Fortinet, Inc. An operating system command injection vulnerability exists in Fortinet FortiExtender versions 7.6.0 through 7.6.3, 7.4.0 through 7.4.7, all versions of 7.2, and all versions of 7.0, which originates fro...

CVE-2025-58903

An Unchecked Return Value vulnerability CWE-252 in Fortinet FortiOS version 7.6.0 through 7.6.3 and before 7.4.8 API allows an authenticated user to cause a Null Pointer Dereference, crashing the http daemon via a specialy crafted request...

EUVD-2025-24461

Malicious code in bioql PyPI...

CVE-2025-52970

A improper handling of parameters in Fortinet FortiWeb versions 7.6.3 and below, versions 7.4.7 and below, versions 7.2.10 and below, and 7.0.10 and below may allow an unauthenticated remote attacker with non-public information pertaining to the device and targeted user to gain admin privileges o...

CVE-2025-25257

An improper neutralization of special elements used in an SQL command 'SQL Injection' vulnerability CWE-89 vulnerability in Fortinet FortiWeb 7.6.0 through 7.6.3, FortiWeb 7.4.0 through 7.4.7, FortiWeb 7.2.0 through 7.2.10, FortiWeb 7.0.0 through 7.0.10 allows an unauthenticated attacker to execu...

Varnish Cache 安全漏洞

Varnish Cache is a suite of reverse web caching servers from Varnish, Inc. A security vulnerability exists in Varnish Cache versions prior to 7.6.3 and versions prior to 7.7 to 7.7.1 and Varnish Enterprise versions prior to 6.0.13r14, which stems from allowing CRLFs to be skipped to delimit block...

CVE-2024-50058 affecting package kernel for versions less than 5.15.176.3-1

CVE-2024-50058 affecting package kernel for versions less than 5.15.176.3-1. A patched version of the package is available...

CVE-2023-45760

Missing Authorization vulnerability in gVectors Team wpDiscuz allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects wpDiscuz: from n/a through 7.6.3...

CVE-2024-35687

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Yannick Lefebvre Link Library link-library allows Reflected XSS.This issue affects Link Library: from n/a through 7.6.3...

WordPress Link Library plugin <= 7.6.3 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by Dimas Maulana Patchstack Alliance in WordPress Plugin Link Library versions = 7.6.3...

CVE-2024-30886

A stored cross-site scripting XSS vulnerability in the remotelink function of HadSky v7.6.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter...