1754 matches found
PT-2026-33805
Dell PowerProtect Data Domain, versions 8.5 through 8.6 contain a command injection vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to arbitrary command execution with root privileges...
CVE-2026-35582
Emissary is a P2P based data-driven workflow engine. In versions 8.42.0 and below, Executrix.getCommand is vulnerable to OS command injection because it interpolates temporary file paths into a /bin/sh -c shell command string without any escaping or input validation. The INFILEENDING and...
CVE-2026-6491
A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function imminposvec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...
CVE-2026-6491
Affected software and component: libvips (up to 8.18.2), specifically the nip2 Handler’s function im_minpos_vec in libvips/deprecated/vips7compat.c. Root cause / vulnerability: manipulation of the argument n leads to a heap-based buffer overflow. Impact (as stated): local attack feasibility with ...
CVE-2026-6491
A security vulnerability has been detected in libvips up to 8.18.2. The affected element is the function imminposvec of the file libvips/deprecated/vips7compat.c of the component nip2 Handler. Such manipulation of the argument n leads to heap-based buffer overflow. An attack has to be approached...
EUVD-2025-209523
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access...
CVE-2025-46606
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 8.4 through 8.5 contain an improper restriction of excessive authentication attempts vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading...
CVE-2025-46606
Dell PowerProtect Data Domain with DD OS Feature Release versions 8.4–8.5 are affected by an improper restriction of excessive authentication attempts, which could allow a high-privilege attacker with remote access to gain unauthorized access. The vulnerability details, including affected product...
CVE-2025-46607
Dell PowerProtect Data Domain with Data Domain Operating System DD OS of Feature Release versions 8.4 through 8.5 contain an improper authentication vulnerability. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to unauthorized access...
Dell PowerProtect Data Domain(Dell PowerProtect DD) 安全漏洞
Dell PowerProtect Data Domain Dell PowerProtect DD is a set of hardware devices developed by the American company Dell, used for data protection, backup, storage, and de-duplication. There are security vulnerabilities in the Dell PowerProtect Data Domain Dell PowerProtect DD versions 8.4 to 8.5...
PT-2026-33440
Name of the Vulnerable Software and Affected Versions Dell PowerProtect Data Domain with Data Domain Operating System DD OS versions 8.4 through 8.5 Description A session fixation issue exists where a high privileged attacker with remote access could potentially gain unauthorized access...
CVE-2026-1965 affecting package curl for versions less than 8.11.1-6
CVE-2026-1965 affecting package curl for versions less than 8.11.1-6. A patched version of the package is available...
EUVD-2026-22895
Missing Authorization vulnerability in Nelio Software Nelio AB Testing nelio-ab-testing allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Nelio AB Testing: from n/a through = 8.2.8...
PT-2026-33045
Name of the Vulnerable Software and Affected Versions Nelio AB Testing versions prior to 8.2.9 Description Nelio AB Testing contains a missing authorization flaw that allows the exploitation of incorrectly configured access control security levels. Recommendations Update to a version newer than...
WordPress plugin Element Pack Elementor Addons 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application plugin. There is a...
CVE-2025-15565
The Nexi XPay plugin for WordPress is vulnerable to unauthorized modification of data due to missing authorization checks on the redirect function in all versions up to, and including, 8.3.0. This makes it possible for unauthenticated attackers to mark pending WooCommerce orders as paid/completed...
CVE-2025-15565
The Nexi XPay plugin for WordPress (all versions up to and including 8.3.0) is vulnerable to unauthorized data modification due to missing authorization checks on the redirect function. This allows unauthenticated attackers to mark pending WooCommerce orders as paid or completed. CVSS 3.1 base sc...
GHSA-6QVV-PJ99-48QM @adonisjs/http-server has an Open Redirect vulnerability
Impact The response.redirect.back method in @adonisjs/http-server is vulnerable to open redirects. The method reads the Referer header from the incoming HTTP request and redirects to that URL without validating the host. An attacker who can influence the Referer header for example, by linking a...
Teslav8sandboxescape
Te...
2026-04 .NET 8.0.26 Security Update for x64 Client (KB5086096)
2026-04 .NET 8.0.26 Security Update for x64 Client KB5086096...