21 matches found
CVE-2026-54838
Subscriber SQL Injection in WC Vendors Marketplace = 2.6.8 versions...
WordPress WC Vendors Marketplace plugin <= 2.6.8 - SQL Injection vulnerability
SQL Injection vulnerability discovered by hhhai in WordPress Plugin WC Vendors Marketplace versions = 2.6.8...
CVE-2026-34229 Emlog: Stored XSS in Comment Module via URI Scheme Validation Bypass
Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-site scripting XSS vulnerability in emlog comment module via URI scheme validation bypass. This issue has been patched in version 2.6.8...
EUVD-2026-18899
Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-site scripting XSS vulnerability in emlog comment module via URI scheme validation bypass. This issue has been patched in version 2.6.8...
EUVD-2026-18897
Emlog is an open source website building system. Prior to version 2.6.8, the backend upgrade interface accepts remote SQL and ZIP URLs via GET parameters. The server first downloads and executes the SQL file, then downloads the ZIP file and extracts it directly into the web root directory. This...
PT-2026-30264
Emlog is an open source website building system. Prior to version 2.6.8, there is a stored cross-site scripting XSS vulnerability in emlog comment module via URI scheme validation bypass. This issue has been patched in version 2.6.8...
i-SENS SmartLog 信任管理问题漏洞
i-SENS SmartLog is a device data recording and management system developed by i-SENS Corporation. Versions of i-SENS SmartLog 2.6.8 and earlier contained a vulnerability related to trust management. This vulnerability stemmed from hard-coded credentials in the air.SmartLog.android component...
CVE-2026-27190
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:childprocess implementation. This vulnerability is fixed in 2.6.8...
CVE-2026-27190
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:childprocess implementation. This vulnerability is fixed in 2.6.8...
CVE-2026-27190 Deno has a Command Injection via Incomplete shell metacharacter blocklist in node:child_process
Deno is a JavaScript, TypeScript, and WebAssembly runtime. Prior to 2.6.8, a command injection vulnerability exists in Deno's node:childprocess implementation. This vulnerability is fixed in 2.6.8...
RHEL 8 : osbuild-composer (RHSA-2026:2685)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:2685 advisory. A service for building customized OS artifacts, such as VM images and OSTree commits, that uses osbuild under the hood. Besides building images for...
WordPress Otter Blocks plugin <= 2.6.8 - Authenticated (Author+) Limited File Upload to Stored Cross-Site Scripting vulnerability
Authenticated Author+ Limited File Upload to Stored Cross-Site Scripting vulnerability discovered by João Pedro Soares de Alcântara in WordPress Plugin Otter - Gutenberg Block versions = 2.6.8...
VulnCheck KEV: CVE-2024-30199
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in WP Lab WP-Lister Lite for Amazon wp-lister-for-amazon.This issue affects WP-Lister Lite for Amazon: from n/a through = 2.6.8...
WordPress plugin Exclusive Addons for Elementor Security Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
com.aerospike:aerospike-cache (>=0.9.1 <=1.2), com.aerospike:aerospike-kafka-connector (>=0.0.3 <=0.0.6) +64 more potentially affected by CVE-2023-36480 via com.aerospike:aerospike-client (>=3.0.34 <=4.4.9)
com.aerospike:aerospike-client MAVEN version =3.0.34, =0.9.1, =0.0.3, =1.0, =1.0, =4.2.0, =4.2.0, =4.4.9, =0.9.1, =0.0.1, =1.0.1.RELEASE, =2.5.0 - com.aerospike:spring-session-aerospike =1.0.0.RELEASE and more Source cves: CVE-2023-36480 Source advisory: OSV:GHSA-JJ95-55CR-9597...
SUSE CVE-2005-3055
Linux kernel 2.6.8 to 2.6.14-rc2 allows local users to cause a denial of service kernel OOPS via a userspace process that issues a USB Request Block URB to a USB device and terminates before the URB is finished, which leads to a stale pointer reference...
CVE-2022-26870
creationtimestamp| type| source ---|---|--- 2022-10-21 22:22:53+00:00| seen| https://t.me/cibsecurity/51952 2025-05-07 16:23:18+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/15342...
Exploit for CVE-2022-26809
CVE-2...
CVE-2022-0268
creationtimestamp| type| source ---|---|--- 2022-01-25 14:18:28+00:00| seen| https://t.me/cibsecurity/36198...
Unspecified Vulnerability in ECOS System Management Appliance
ECOS System Management Appliance a.k.a. SMA is a virtual appliance from ECOS TECHNOLOGY, Germany, for centralized management of ECOS products, which is capable of running on VMware, Crtrix XenServer, and Hyper-V. A security vulnerability exists in ECOS SMA version 5.2.68 that stems from an...