CVE-2026-50128

Mastodon is a free, open-source social network server based on ActivityPub. From 4.3.0 until 4.5.11 and 4.4.18, Mastodon has a feature to let websites credit authors of their articles. To prevent false attribution claims, Mastodon uses the attributionDomains JSON-LD term, however, an error in how...

SUSE CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-7375

UDS protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6521

OpenFlow v5 protocol dissector infinite loops in Wireshark 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-6868

CVE-2026-6868 affects Wireshark 4.6.0–4.6.4 and 4.4.0–4.4.14, where the HTTP protocol dissector crashes when processing crafted HTTP data, leading to a denial of service. The Red Hat note frames this as a local user opening a specially crafted capture file that crashes Wireshark; SUSE and other s...

CVE-2026-7378

Crash in sharkd 4.6.0 to 4.6.4 and 4.4.0 to 4.4.14 allows denial of service...

CVE-2026-27379

Deserialization of Untrusted Data vulnerability in NextScripts NextScripts social-networks-auto-poster-facebook-twitter-g allows Object Injection.This issue affects NextScripts: from n/a through = 4.4.7...

CVE-2025-67956

Missing Authorization vulnerability in wpeverest User Registration user-registration allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects User Registration: from n/a through = 4.4.6...

Astra Linux - уязвимость в wireshark

FiveCo RAP dissector infinite loop in Wireshark 4.4.0 to 4.4.1 and 4.2.0 to 4.2.8 allows denial of service via packet injection or crafted capture file...

PT-2025-42913

Name of the Vulnerable Software and Affected Versions Mastodon versions prior to 4.4.8 Mastodon versions 4.4.0 through 4.4.7 Mastodon versions prior to 4.5.0-beta.2 Description Mastodon is a free, open-source social network server based on ActivityPub. A flaw exists where an attacker can bypass...

CVE-2025-61923 PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure

PrestaShop Checkout is the PrestaShop official payment module in partnership with PayPal. In versions prior to 4.4.1 and 5.0.5, the backoffice is missing validation on input resulting in a directory traversal and arbitrary file disclosure. The vulnerability is fixed in versions 4.4.1 and 5.0.5. N...

Linux Distros Unpatched Vulnerability : CVE-2017-0666

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A elevation of privilege vulnerability in the Android framework. Product: Android. Versions: 4.4.4, 5.0.2, 5.1.1, 6.0, 6.0.1, 7.0, 7.1.1, 7.1.2. Android ID:...

VulnCheck KEV: CVE-2024-37418

Unrestricted Upload of File with Dangerous Type vulnerability in andymoyle Church Admin church-admin.This issue affects Church Admin: from n/a through = 4.4.6...

WordPress Plugin WooCommerce PDF Invoices, Packing Slips, Delivery Notes and Shipping Labels 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports PHP and MySQL servers to set up a personal blog site. WordPress plugin is an application plugin. A security vulnerability exists in...

SUSE CVE-2016-6620

An issue was discovered in phpMyAdmin. Some data is passed to the PHP unserialize function without verification that it's valid serialized data. The unserialization can result in code execution because of the interaction with object instantiation and autoloading. All 4.6.x versions prior to 4.6.4...

CVE-2021-36920

Authenticated Reflected Cross-Site Scripting XSS vulnerability discovered in WordPress plugin Download Monitor versions = 4.4.6...

NetIQ Access Manager Administration Console Cross-Site Scripting Vulnerability

NetIQ Access Manager NAM is a resource access control solution from NetIQ Corporation. The solution provides multiple authentication, data encryption, single sign-on and SSL VPN for local and remote users.Administration Console is one of the administration console programs. A cross-site scripting...

DEBIAN-CVE-2016-6622

An issue was discovered in phpMyAdmin. An unauthenticated user is able to execute a denial-of-service DoS attack by forcing persistent connections when phpMyAdmin is running with $cfg'AllowArbitraryServer'=true. All 4.6.x versions prior to 4.6.4, 4.4.x versions prior to 4.4.15.8, and 4.0.x versio...

php: FastCGI module DoS via multiple dots preceding the extension

PHP 4.4.x before 4.4.9, and 5.x through 5.2.6, when used as a FastCGI module, allows remote attackers to cause a denial of service crash via a request with multiple dots preceding the extension, as demonstrated using foo..php...