EUVD-2026-36813

Unauthenticated SQL Injection in Order Delivery Date for WooCommerce = 4.5.1 versions...

Security Bulletin: IBM Maximo Application Suite uses multiple third party dependencies which are vulnerable to CVEs.

Summary IBM Maximo Application Suite uses "org.apache.cxfcxf-core 3.6.7, io.nettynetty-codec-http 4.1.124.Final , github.com/golang-jwt/jwt/v4 v4.5.0" which are vulnerable to "CVE-2025-48913, CVE-2025-58056, CVE-2024-51744". This bulletin contains information regarding the vulnerabilities and how...

WordPress Online Booking & Scheduling Calendar for WordPress by vcita plugin <= 4.5.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting vulnerability

Authenticated Subscriber+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Online Booking & Scheduling Calendar for WordPress by vcita versions = 4.5.1...

DEBIAN-CVE-2024-51744

golang-jwt is a Go implementation of JSON Web Tokens. Unclear documentation of the error behavior in ParseWithClaims can lead to situation where users are potentially not checking errors in the way they should be. Especially, if a token is both expired and invalid, the errors returned by...

CVE-2023-46614

Cross-Site Request Forgery CSRF vulnerability in Mat Bao Corp WP Helper Premium plugin = 4.5.1 versions...

SUSE CVE-2016-2184

The createfixedstreamquirk function in sound/usb/quirks.c in the snd-usb-audio driver in the Linux kernel before 4.5.1 allows physically proximate attackers to cause a denial of service NULL pointer dereference or double free, and system crash via a crafted endpoints value in a USB device...