4541 matches found
CVE-2026-40749 WordPress Charity Zone theme <= 1.1.1 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Charity Zone = 1.1.1 versions...
CVE-2026-40747 WordPress Ecommerce Zone theme <= 0.9.7 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Ecommerce Zone = 0.9.7 versions...
CVE-2026-40747
CVE-2026-40747 affects the WordPress Ecommerce Zone theme (versions <= 0.9.7) and is an Arbitrary File Upload vulnerability. The connected documents confirm a subscriber Arbitrary File Upload issue in Ecommerce Zone
CVE-2026-40746 WordPress Restaurant Zone theme <= 0.7.8 - Arbitrary File Upload vulnerability
Subscriber Arbitrary File Upload in Restaurant Zone = 0.7.8 versions...
CVE-2026-40746
The CVE-2026-40746 entry concerns WordPress Theme Restaurant Zone (versions
OPENSUSE-SU-2026:20970-1 Security update for postgresql17
This update for postgresql17 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...
SUSE-SU-2026:22149-1 Security update for postgresql17
This update for postgresql17 fixes the following issues Security issues: - CVE-2026-6472: ensure the user has CREATE privilege on the schema specified bsc1265172. - CVE-2026-6473: integer overflows in memory-allocation calculations bsc1265173. - CVE-2026-6474: Guard against malicious time zone...
GHSA-MFG3-P6M3-GJGR OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints
Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...
OpenStack Nova: Nova scheduler hint injection bypasses Placement resource claims and scheduling constraints
Affects - Nova: =18.0.0 =32.0.0 =33.0.0 33.0.2 Description Erichen from the Institute of Computing Technology, Chinese Academy of Sciences reported that Nova's server create API does not strip internal scheduler hints. An authenticated user can bypass Placement resource claims and scheduling...
CVE-2025-69139 WordPress Car Zone theme <= 3.7 - Arbitrary File Deletion vulnerability
Unauthenticated Arbitrary File Deletion in Car Zone = 3.7 versions...
CVE-2025-69139
CVE-2025-69139 : WordPress Car Zone theme (
Fedora 43 : bind9-next (2026-ec095a4675)
The remote Fedora 43 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-ec095a4675 advisory. Update to 9.21.22 rhbz2480122 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...
Fedora 44 : bind9-next (2026-dbb0776ac5)
The remote Fedora 44 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2026-dbb0776ac5 advisory. Update to 9.21.22 rhbz2480122 Security Fixes: - Limit resolver server list size. CVE-2026-3592 - Fix GSS-API resource leak. CVE-2026-3039 - Disable...
EulerOS Virtualization 2.13.1 : bind (EulerOS-SA-2026-2366)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...
EulerOS Virtualization 2.13.0 : bind (EulerOS-SA-2026-2395)
According to the versions of the bind packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : If a BIND resolver is performing DNSSEC validation and encounters a maliciously crafted zone, the resolver may consume excessive CPU...
bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone
A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...
bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone
A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...
bind: BIND: Denial of Service via maliciously crafted DNSSEC-validated zone
A flaw was found in BIND. A remote attacker could exploit this vulnerability by sending a maliciously crafted DNSSEC-validated zone to a BIND resolver. This could cause the resolver to consume excessive CPU resources, leading to a denial of service DoS for legitimate users...
RHEL 9 : bind (RHSA-2026:25214)
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:25214 advisory. The Berkeley Internet Name Domain BIND is an implementation of the Domain Name System DNS protocols. BIND includes a DNS server named %NASLMINLEVEL...
RHEL 9 : bind9.18 (RHSA-2026:24934)
"The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:24934 advisory. BIND Berkeley Internet Name Domain is an implementation of the DNS Domain Name System protocols. BIND includes a DNS server named, which resolves...