1754 matches found
CVE-2026-42661
Custom role Path Traversal in WP Customer Area = 8.3.4 versions...
CVE-2026-42378
Subscriber Broken Authentication in WP Full Stripe Free = 8.4.1 versions...
CVE-2026-42378
CVE-2026-42378 concerns the WordPress plugin WP Full Stripe Free (versions
PT-2026-49488
Unauthenticated Broken Access Control in WPC Product Bundles for WooCommerce = 8.5.3 versions...
[SECURITY] Fedora 44 Update: varnish-8.0.2-1.fc44
This is Varnish Cache, a high-performance HTTP accelerator. Varnish Cache stores web pages in memory so web servers don’t have to create the same web page over and over again. Varnish Cache serves pages much faster than any application server, giving the website a significant speed up...
OESA-2026-2665 ffmpeg security update
FFmpeg is a complete and free Internet live audio and video broadcasting solution for Linux/Unix. It also includes a digital VCR. It can encode in real time in many formats including MPEG1 audio and video, MPEG4, h263, ac3, asf, avi, real, mjpeg, and flash. Security Fixes: When calculating the...
CVE-2026-36727
An insecure authentication vulnerability in the /api/social-sign-in endpoint of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token...
CVE-2026-36720
Insecure permissions in bookcars v8.3 allows authenticated attackers to escalate privileges from user to admin via modifying their user type...
CVE-2026-36727
CVE-2026-36727 affects bookcars version 8.3. An insecure authentication vulnerability exists in the /api/social-sign-in endpoint that allows bypassing authentication by forged JWT tokens. The issue is documented across multiple feeds (NVD, Red Hat, CVE records) with no explicit exploit details or...
CVE-2026-36721
A lack of cryptographic signature verification in the validateAccessToken function of bookcars v8.3 allows attackers to bypass authentication via a forged JWT token...
bookcars security vulnerability
BookCars is a car rental management platform developed by Akram El Assas. Version 8.3 of BookCars contains a security vulnerability. This vulnerability stems from the /api/create-car-image component, which has a vulnerability related to arbitrary file uploads. This could allow attackers to execute...
bookcars security vulnerability
BookCars is a car rental management platform developed by Akram El Assas. Version 8.3 of BookCars contains a security vulnerability. This vulnerability stems from an insecure authentication mechanism in the /api/social-sign-in endpoint, which could allow attackers to bypass authentication using...
bookcars security vulnerability
Bookcars is a car rental management platform developed by Akram El Assas. Version 8.3 of Bookcars contains a security vulnerability. This vulnerability stems from the /api/delete-temp-license/file endpoint, where there is an arbitrary file deletion vulnerability. This could allow unauthenticated...
bookcars security vulnerability
Bookcars is a car rental management platform developed by Akram El Assas. Version 8.3 of Bookcars contains a security vulnerability. This vulnerability stems from the lack of cryptographic signature verification in the validateAccessToken function, which may allow attackers to bypass authentication...
CVE-2026-9170
IBM HTTP Server 8.5 and 9.0 is vulnerable to denial of service and a potential remote code execution due to improper input validation...
CVE-2026-37709
Insecure Permissions vulnerability in grokability snipe-it v.8.4.0 and before and fixed after 2026-03-10 commit 676a9958 allows a remote attacker to execute arbitrary code via the app/Http/Controllers/Api/UploadedFilesController.php component...
CVE-2026-8852
IBM HTTP Server 8.5 and 9.0 is vulnerable to denial of service via the optional modfastcgi module...
GHSA-99RJ-3595-5FRJ vulnerabilities
Vulnerabilities for packages: openjdk-25-openj9, openjdk-21-openj9, openjdk-26-openj9, openjdk-11-openj9, openjdk-8-openj9, openjdk-17-openj9...
GHSA-75HH-423H-RVWG vulnerabilities
Vulnerabilities for packages: openjdk, openjdk-25-openj9, openjdk-21-openj9, openjdk-26-openj9, openjdk-11-openj9, openjdk-8-openj9, openjdk-17-openj9...