1241 matches found
CVE-2026-4859
The CVE-2026-4859 entry pertains to the WordPress SP Blog Designer plugin, affected versions are all releases up to and including 1.0.0. The vulnerability is a Stored Cross-Site Scripting (XSS) via the design attribute of the wpsbd_post_carousel shortcode, caused by insufficient input sanitizatio...
WordPress plugin SP Blog Designer 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. WordPres...
PT-2026-39950
The SP Blog Designer plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'design' attribute of the wpsbd post carousel shortcode in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated...
WordPress SP Blog Designer plugin <= 1.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zaim in WordPress Plugin SP Blog Designer versions = 1.0.0...
Security update for the Linux Kernel RT (Live Patch 8 for SUSE Linux Enterprise 15 SP7)
This update for the SUSE Linux Enterprise kernel 6.4.0-150700.7.28 fixes various security issues The following security issues were fixed: CVE-2025-71066: net/sched: ets: Always remove class from active list before deleting in etsqdiscchange bsc1258005. CVE-2026-23004: dst: fix races in...
SUSE SLES15 : Security update for the Linux Kernel (SUSE-SU-2026:1672-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:1672-1 advisory. The SUSE Linux Enterprise 15 SP4 kernel was updated to fix one security issue. The following security issue was fixed: - CVE-2026-31431: The...
UBUNTU-CVE-2026-35374
A Time-of-Check to Time-of-Use TOCTOU vulnerability exists in the split utility of uutils coreutils. The program attempts to prevent data loss by checking for identity between input and output files using their file paths before initiating the split operation. However, the utility subsequently...
CVE-2026-24032
A vulnerability has been identified in SINEC NMS All versions V4.0 SP3 with UMC. The affected application contains an authentication weakness due to insufficient validation of user identity in the UMC component. This could allow an unauthenticated remote attacker to bypass authentication and gain...
Security update for the Linux Kernel (Live Patch 68 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.258 fixes various security issues The following security issues were fixed: CVE-2023-53794: cifs: fix session state check in reconnect to avoid use-after-free issue bsc1255235. CVE-2025-39973: i40e: add validation for ringlen param...
SUSE SLES15 Security Update : kernel (Live Patch 4 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1244-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1244-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.16 fixes various security issues The following security issues were fixed: -...
SUSE-SU-2026:1242-1 Security update for the Linux Kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5)
This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.110 fixes various security issues The following security issues were fixed: - CVE-2025-39973: i40e: add validation for ringlen param bsc1252036. - CVE-2025-40018: ipvs: Defer ipvsftp unregister during netns cleanup bsc1252689. -...
SUSE SLES15 Security Update : kernel RT (Live Patch 9 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1187-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1187-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.31 fixes various security issues The following security issues were fixed: -...
SUSE SLES15 Security Update : kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7) (SUSE-SU-2026:1136-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1136-1 advisory. This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.25 fixes various security issues The following security issues were fixed: -...
CVE-2026-3579
wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions sp256mul9, sp256sqr9, etc., leading to a timing...
SUSE SLES15 Security Update : kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1002-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1002-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.110 fixes various security issues The following security issues were fixed: ...
SUSE SLES15 Security Update : kernel (Live Patch 29 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:1039-1)
The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:1039-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.116 fixes various security issues The following security issues were fixed: ...
Security update for the Linux Kernel (Live Patch 76 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.290 fixes various security issues The following security issues were fixed: CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. CVE-2022-50756: nvme-pci: fix mempool alloc size bsc1256217...
Security update for chromium (important)
openSUSE Security Update: Security update for chromium Announcement ID: openSUSE-SU-2026:0093-1 Rating: important References: 1259964 Cross-References: CVE-2026-4439 CVE-2026-4440 CVE-2026-4441 CVE-2026-4442 CVE-2026-4443 CVE-2026-4444 CVE-2026-4445 CVE-2026-4446 CVE-2026-4447 CVE-2026-4448...
Security update for the Linux Kernel (Live Patch 66 for SUSE Linux Enterprise 12 SP5)
This update for the SUSE Linux Enterprise Kernel 4.12.14-122.250 fixes various security issues The following security issues were fixed: CVE-2022-50423: ACPICA: Fix use-after-free in acpiutcopyipackagetoipackage bsc1250785. CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant...
EUVD-2026-13170
wolfSSL 5.8.4 on RISC-V RV32I architectures lacks a constant-time software implementation for 64-bit multiplication. The compiler-inserted muldi3 subroutine executes in variable time based on operand values. This affects multiple SP math functions sp256mul9, sp256sqr9, etc., leading to a timing...