Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003819)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003819 advisory. Two memory leaks in the v3dsubmitclioctl function in drivers/gpu/drm/v3d/v3dgem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service memo...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-004018)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004018 advisory. A memory leak in the rtl8xxxusubmitinturb function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxucore.c in the Linux kernel through 5.3.11 allows attackers to cau...

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001626)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001626 advisory. Integer overflow in the vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-003240)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003240 advisory. The vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003267)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003267 advisory. The vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 does not set an errno value upon certain overflow...

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-002808)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-002808 advisory. Integer overflow in the vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a...

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-003105)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-003105 advisory. Integer overflow in the vc4getbcl function in drivers/gpu/drm/vc4/vc4gem.c in the VideoCore DRM driver in the Linux kernel before 4.9.7 allows local users to cause a...

D-Link DWR-M920 sub_464794 function buffer overflow vulnerability

The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a buffer overflow vulnerability that stems from the incorrect manipulation of the parameter submit-url in the function sub464794 in the file /boafrm/formDefRoute, for which no detailed...

D-Link DWR-M920 sub_423848 function buffer overflow vulnerability

The D-Link DWR-M920 is a 4GLTE wireless router manufactured by Youxun D-Link. The D-Link DWR-M920 suffers from a buffer overflow vulnerability that stems from the incorrect manipulation of the parameter submit-url in the function sub423848 in the file /boafrm/formParentControl, for which no...

CVE-2025-67147

Multiple SQL Injection vulnerabilities exist in amansuryawanshi Gym-Management-System-PHP 1.0 via the 'name', 'email', and 'comment' parameters in 1 submitcontact.php, the 'username' and 'passkey' parameters in 2 securelogin.php, and the 'loginid', 'pwfield', and 'loginkey' parameters in 3...

WordPress JNews - Frontend Submit plugin <= 11.0.0 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress JNews - Frontend Submit plugin = 11.0.0 - Reflected Cross Site Scripting XSS vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin JNews - Frontend Submit versions = 11.0.0...

PT-2026-2302

Name of the Vulnerable Software and Affected Versions Gym-Management-System-PHP version 1.0 Description The application contains multiple SQL Injection flaws. An attacker, whether authenticated or not, can potentially bypass authentication, execute arbitrary SQL commands, modify database records,...

GYM-MANAGEMENT-SYSTEM 安全漏洞

GYM-MANAGEMENT-SYSTEM is a gym management system by Abhishek S Individual Developer. A security vulnerability exists in GYM-MANAGEMENT-SYSTEM version 1.0, which stems from the name, email, and comment parameters in submitcontact.php, username and passkey parameters in securelogin.php, and changes...

CVE-2023-25796

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Include WP BaiDu Submit plugin = 1.2.1 versions...

CVE-2025-13419

The Guest posting / Frontend Posting / Front Editor – WP Front User Submit plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the '/wp-json/bfe/v1/revert' REST API endpoint in all versions up to, and including, 5.0.0. This makes it possibl...

CVE-2025-14465

The Sticky Action Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1. This is due to missing or incorrect nonce validation on the sabsoptionspageformsubmit function. This makes it possible for unauthenticated attackers to update plug...

WordPress plugin Sticky Action Buttons 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000307)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000307 advisory. A memory leak in the ath10kusbhiftxsg function in drivers/net/wireless/ath/ath10k/usb.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of...

WordPress plugin WP User Frontend 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

EUVD-2022-55927

H3C SSL VPN contains a user enumeration vulnerability that allows attackers to identify valid usernames through the 'txtUsrName' POST parameter. Attackers can submit different usernames to the loginsubmit.cgi endpoint and analyze response messages to distinguish between existing and non-existing...