20 matches found
WordPress Mayosis Core plugin <= 5.4.7 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Mayosis Core versions <= 5.4.7...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-004022)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-004022 advisory. In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to...
CVE-2018-1000634
The Open Microscopy Environment OMERO.server version 5.4.0 to 5.4.6 contains an Improper Access Control vulnerability in User management that can result in administrative user with privilege restrictions logging in as a more powerful administrator. This attack appears to be exploitable via Use use...
Unity Linux 20.1070e Security Update: kernel (UTSA-2026-000482)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-000482 advisory. An issue was discovered in the Linux kernel before 5.4.7. The prb_calc_retire_blk_tmo function in net/packet/af_packet.c can result in a denial of service CPU consumption...
Command Injection
Overview Affected versions of this package are vulnerable to Command Injection via the enforcer that uses environment variables without sanitization. An attacker can execute arbitrary commands or cause a buffer overflow by supplying crafted input to the affected component. Remediation Upgrade...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/rest to...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/kv to versi...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/share/utils to version...
Use of Hard-coded Cryptographic Key
Overview Affected versions of this package are vulnerable to Use of Hard-coded Cryptographic Key for encrypting sensitive configurations when NeuVector stores data. The static key can be used to retrieve configuration data. Remediation Upgrade github.com/neuvector/neuvector/controller/cache to...
PT-2025-43268
Name of the Vulnerable Software and Affected Versions: NeuVector versions prior to 5.4.7 Description: A critical issue exists in NeuVector where the enforcer component improperly handles environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT. These variables are used to construct shell command...
EUVD-2018-1969
Malware in sbrugna...
CVE-2025-26205
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...
PT-2025-3120 · Opencode · Opencode Mobile Collect Call
Name of the Vulnerable Software and Affected Versions: Opencode Mobile Collect Call version 5.4.7 Description: The issue allows attackers to execute arbitrary web scripts or HTML, potentially leading to Remote Code Execution (RCE) and cross-site scripting (XSS). This can be achieved by injecting a...
Opencode Mobile Collect Call Security Vulnerability
Opencode Mobile Collect Call is a mobile payphone solution from Opencode. A security vulnerability exists in Opencode Mobile Collect Call version v5.4.7. An attacker can exploit this vulnerability to execute arbitrary web script or HTML via a specially crafted payload injected into the opfunc...
Malicious code in seller-journey (npm)
Source: ossf-package-analysis 60c8dd60bc988a9407b04ce22918c8e8aedc6a7436ea2c74eb3181de1ad876bf The OpenSSF Package Analysis project identified 'seller-journey' @ 5.4.7 npm as malicious. It is considered malicious because: - The package...
WordPress Ivory Search plugin <= 5.4.6 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Ivory Search plugin versions <= 5.4.6. Solution: Update the WordPress Ivory Search plugin to the latest available version (at least 5.4.7)...
WordPress Multiple Vulnerabilities (Sep 2021) - Windows
WordPress is prone to multiple vulnerabilities. Copyright (C) 2021 Greenbone Networks GmbH
CMailServer CMailCOM.dll MoveToFolder buffer overflow
Added: 08/27/2008 BID: 30098 OSVDB: 46750 Background CMailServer is a mail and web mail server. The CMailServer web interface includes the CMailCOM.dll component which provides several classes. Problem A buffer overflow vulnerability in the MoveToFolder method of the POP3 class in CMailCOM.dll...
CMailServer CMailCOM.dll MoveToFolder buffer overflow
Added: 08/27/2008 BID: 30098 OSVDB: 46750 Background CMailServer is a mail and web mail server. The CMailServer web interface includes the CMailCOM.dll component which provides several classes. Problem A buffer overflow vulnerability in the MoveToFolder method of the POP3 class in CMailCOM.dll...
CMailServer CMailCOM.dll MoveToFolder buffer overflow
Added: 08/27/2008 BID: 30098 OSVDB: 46750 Background CMailServer is a mail and web mail server. The CMailServer web interface includes the CMailCOM.dll component which provides several classes. Problem A buffer overflow vulnerability in the MoveToFolder method of the POP3 class in CMailCOM.dll...