322 matches found
Gogs < 0.14.3 - Unauthenticated Organization Teams Disclosure
Gogs before version 0.14.3 contains an unauthenticated information disclosure vulnerability. The GET /api/v1/orgs/:orgname/teams endpoint returns all teams for any organization without requiring authentication. The route group lacks the reqToken middleware, exposing team IDs, names, descriptions,...
CVE-2026-21057
Improper input validation in Samsung Pass prior to version 5.2.10.3 allows local privileged attackers to write out-of-bounds memory...
CVE-2026-11570
CVE-2026-11570 affects the User Submitted Posts WordPress plugin prior to 20260608, where an input value is not escaped before being output in an admin-configured display template, allowing unauthenticated users to trigger a Stored XSS when a non-default display option is enabled. The issue is de...
CVE-2026-57923
In JetBrains YouTrack before 2026.2.16593 improper authorisation in the app configurations endpoint allowed modifying project settings...
Curl 8.11.1 < 8.21.0 Netrc Password Leak
The version of curl installed on the remote host is 8.11.1 prior to 8.21.0. It is, therefore, affected by a credential disclosure vulnerability: - When asking curl to use a .netrc file to find credentials and at the same time specifying a URL with a username, curl could wrongly get and use the...
CVE-2026-49851 Mistune: Potential DoS via quadratic-time parsing in parse_link_text
Mistune is a Python Markdown parser with renderers and plugins. Prior to 3.3.0, Mistune is vulnerable to a CPU exhaustion DoS due to superlinear approximately On² behavior in parselinktext. When parsing Markdown containing many consecutive characters, parselinktext repeatedly scans the input usin...
WordPress Pie Register plugin < 3.8.4.10 - Unauthenticated Email Verification Bypass via Predictable Token vulnerability
Unauthenticated Email Verification Bypass via Predictable Token vulnerability discovered by Haitam Lazaar in WordPress Plugin Pie Register versions 3.8.4.10...
CVE-2026-49286 PhpWeasyPrint vulnerable to PHAR deserialization via output filename (CVE-2023-28115 case-insensitive bypass)
PhpWeasyPrint is a PHP library allowing PDF generation from a URL or an HTML page. Prior to version 2.6.0, pontedilana/php-weasyprint guarded the output filename against the phar:// stream wrapper with a case-sensitive blacklist. PHP stream wrappers are case-insensitive, so PHAR://, Phar://, etc...
CVE-2025-58952
Unauthenticated Local File Inclusion in Neuronet 1.14.0 versions...
NPM: n8n: Merge Node SQL Mode Prototype Pollution
NPM: n8n: Merge Node SQL Mode Prototype Pollution vulnerability discovered by ? in WordPress Npm n8n versions 2.25.7...
CVE-2025-7003
Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.56...
CVE-2026-9060 Agile Store Locator < 1.6.6 - Admin+ Stored XSS via map_style
The Store Locator WordPress plugin before 1.6.6 does not sanitize and escape one of its settings before storing it and outputting it on the Store Locator WordPress plugin before 1.6.6 admin page, allowing high-privileged users such as administrators to perform Stored Cross-Site Scripting attacks...
Atril 命令注入漏洞
Atril is a simple multi-page document viewer developed under the MATE Desktop open source project. Versions of Atril prior to 1.26.3 and 1.28.4 contained a command injection vulnerability. This vulnerability stemmed from the evspawn function in shell/ev-application.c, which did not apply...
CVE-2026-6268
The EventPress WordPress theme before 22.2 does not sanitize or escape the 'id' parameter in the eventpresscustomizernotifydismissaction AJAX handler before outputting it back in the response, allowing unauthenticated attackers to perform Reflected Cross-Site Scripting attacks against logged-in...
CVE-2026-8410
Concrete CMS 9 before 9.5.0 is vulnerable to Cross Site Request Forgery CSRF at concrete/controllers/dialog/logs/bulk/delete. The The Concrete CMS security team gave this vulnerability a CVSS v.4.0 score of 2.3 with vector CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N. Thanks...
Ericsson Packet Core Gateway 安全漏洞
Ericsson Packet Core Gateway is a data packet gateway platform for mobile communication core networks developed by the Swedish company Ericsson. Versions of Ericsson Packet Core Gateway prior to version 1.30 contained security vulnerabilities. These vulnerabilities stemmed from improper handling ...
CVE-2026-11197
Insufficient policy enforcement in Workers in Google Chrome prior to 149.0.7827.53 allowed a remote attacker who had compromised the renderer process to bypass same origin policy via a crafted HTML page. Chromium security severity: Medium...
Dovestones ADPhonebook 安全漏洞
Dovestones ADPhonebook is a corporate address book and employee directory management system developed by the Canadian company Dovestones. Versions of Dovestones ADPhonebook prior to 4.0.1.1 contained security vulnerabilities. These vulnerabilities stemmed from insufficient input validation and...
Google Chrome 资源管理错误漏洞
Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 149.0.7827.53 contained a resource management vulnerability. This vulnerability stemmed from the reuse of the FileSystem component after its release, which could allow a remote attacker to exploit the...
CVE-2026-9881
Use after free in Bluetooth in Google Chrome on Mac prior to 148.0.7778.216 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted Chrome Extension. Chromium security severity: Critical...