CVE-2026-49017

In OpenStack Swift before 2.36.2 and 2.37.2, s3api middleware enters an infinite loop when processing a truncated aws-chunked PUT request body. The StreamingInput class repeatedly appends an empty buffer and re-reads, causing the proxy-server worker handling the request to become permanently...

EUVD-2026-11933

Improper Control of Generation of Code 'Code Injection' vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Remote Code Inclusion.This issue affects Advanced Woo Labels: from n/a through = 2.36...

CVE-2026-32414

Improper Control of Generation of Code 'Code Injection' vulnerability in ILLID Advanced Woo Labels advanced-woo-labels allows Remote Code Inclusion.This issue affects Advanced Woo Labels: from n/a through = 2.36...

CVE-2026-32414

The CVE concerns WordPress plugin Advanced Woo Labels (IllID) with versions up to and including 2.36, where an improper control of code generation leads to code injection and remote code inclusion. Affected component is the Advanced Woo Labels plugin; root cause is a code injection vulnerability ...

EUVD-2021-26846

Malware in sbrugna...

CVE-2024-13910

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'databasebackupajaxdelete' function in all versions up to, and including, 2.35. This makes it possible for authenticated...

CVE-2024-13910

CVE-2024-13910 affects the WordPress plugin “Database Backup and check Tables Automated With Scheduler 2024” (Database Backup, plugin versions

CVE-2024-13910 Database Backup and check Tables Automated With Scheduler 2024 <= 2.36 - Authenticated (Administrator+) Arbitrary File Deletion

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'databasebackupajaxdelete' function in all versions up to, and including, 2.35. This makes it possible for authenticated...

CVE-2024-13910 Database Backup and check Tables Automated With Scheduler 2024 <= 2.36 - Authenticated (Administrator+) Arbitrary File Deletion

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file path validation in the 'databasebackupajaxdelete' function in all versions up to, and including, 2.35. This makes it possible for authenticated...

CVE-2021-39179

DHIS 2 is an information system for data capture, management, validation, analytics and visualization. A SQL Injection vulnerability in the Tracker component in DHIS2 Server allows authenticated remote attackers to execute arbitrary SQL commands via unspecified vectors. This vulnerability affects...

AZL-34735 CVE-2023-6246 affecting package glibc for versions less than 2.38-6

A heap-based buffer overflow was found in the vsysloginternal function of the glibc library. This function is called by the syslog and vsyslog functions. This issue occurs when the openlog function was not called, or called with the ident argument set to NULL, and the program name the basename of...

GNU Binutils 安全漏洞

GNU Binutils GNU Binary Utilities or binutils is a set of programming language utility programs developed by the GNU community. The programs are primarily used to work with target files in a variety of formats, and provide linkers, assemblers, and other tools for target files and archives. A...

Design/Logic Flaw

An out of bounds flaw was found in GNU binutils objdump utility version 2.36. An attacker could use this flaw and pass a large section to avrelf32loadrecordsfromsection probably resulting in a crash or in some cases memory corruption. The highest threat from this vulnerability is to integrity as...