EUVD-2026-32959

electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. Prior to 3.9.5, deterministic AES-192-CBC with a fixed zero IV, constant KDF salt, and no MAC leads to confidentiality and integrity failures for synced bookmark/profile data. Attackers can crack common...

emacs security update

1:27.2-11.el95.2 - Fix arbitrary code execution via Lisp macro expansion RHEL-69395...

WordPress Rescue Shortcodes plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by muhammad yudha in WordPress Plugin Rescue Shortcodes versions = 3.1...

WordPress Master Slider plugin <= 3.9.5 - PHP Object Injection vulnerability

PHP Object Injection vulnerability discovered by Rafie Muhammad Patchstack in WordPress Plugin Master Slider versions = 3.9.5...

Mobile Security Framework 安全漏洞

Mobile Security Framework MobSF is Mobile Security Framework open source an automated all-in-one mobile application . Used for penetration testing, malware analysis and security assessments, it is capable of performing both static and dynamic analysis. A security vulnerability exists in Mobile...

CVE-2022-0391

A flaw was found in Python, specifically within the urllib.parse module. This module helps break Uniform Resource Locator URL strings into components. The issue involves how the urlparse method does not sanitize input and allows characters like '\r' and '\n' in the URL path. This flaw allows an...

UBUNTU-CVE-2021-20279

The ID number user profile field required additional sanitizing to prevent a stored XSS risk in moodle before 3.10.2, 3.9.5, 3.8.8, 3.5.17...

UPX denial of service vulnerability

UPX is an executable file compressor. A security vulnerability exists in the 'PackLinuxElf64::unpack' function of the plxelf.cpp file in UPX version 3.95. A remote attacker can exploit this vulnerability to cause a denial of service double release with the help of specially crafted files...