366532 matches found
CVE-2026-8907
CVE-2026-8907 affects the WordPress plugin WP-Ultimate-Map (versions ≤ 1.1). The root cause is missing nonce validation on the process_init() handler (hooked to admin_init), which saves settings (zoom-level, focus-lat, focus-lng, sel_places, sel_routes) based solely on a save-setting POST paramet...
CVE-2026-8880
The RomanCart Ecommerce WordPress plugin (
CVE-2026-9662
CVE-2026-9662 affects the Recover Exit For WooCommerce WordPress plugin. All versions up to and including 1.0.3 are vulnerable to Local File Inclusion via the POST parameter tpf , used unsafely in recover_exit()’s include() path. The underlying issue is insufficient validation/sanitization of use...
CVE-2026-10024
CVE-2026-10024 affects the TinyMCE shortcode Addon for WordPress (versions
CVE-2026-8499
The CVE concerns the WordPress Helpfulcrowd Product Reviews plugin (vulnerable up to 1.2.9). Root cause: a PHP type-juggling flaw in helpfulcrowd_validate_token() uses a loose != comparison, paired with a REST route (wp-json/helpfulcrowd/v1/update-settings) that has a permissive permission_callba...
CVE-2026-8940
The CVE-2026-8940 entry concerns WordPress plugin WP Meta Sort Posts (versions
CVE-2026-8883
The CVE-2026-8883 entry concerns the WordPress plugin Global Body Mass Index Calculator, affected in versions up to 1.2. The vulnerability is a Stored Cross-Site Scripting issue via the gbmicalc shortcode attributes, caused by insufficient input sanitization and output escaping in GBMI_Calc_Widge...
CVE-2026-8841
CVE-2026-8841 affects the WordPress plugin Extra Settings for RocketChat (versions ≤ 0.1). The vulnerability is a Stored Cross-Site Scripting via the rocketchat shortcode’s title attribute caused by insufficient input sanitization/output escaping in the rxstg_shortcode() function, which directly ...
CVE-2026-11623
CVE-2026-11623 affects tmux up to 3.6a. The vulnerability lies in the image_free function in image.c, resulting in a use‑after‑free. Exploitation requires local access and is described as high complexity, with public disclosure of exploits. A fix is available in tmux 3.7-rc; patch hash fc6d94a9f8...
CVE-2026-11621
Summary (CVE-2026-11621): A weakness in Dcat-Admin up to version 2.2.3-beta affects the editor-md/upload function at /admin/dcat-api/editor-md/upload within the User Setting Page. The manipulation of the argument editormd-image-file enables unrestricted upload. The attack can be initiated remotel...
CVE-2026-11620
CVE-2026-11620 affects TOTOLINK EX200 firmware 4.0.3c.7646, via the vsftpd component and manipulation of /etc/vsftpd.conf, causing a least-privilege violation that can be exploited remotely. The exploit is public. The exact root cause, affected subcomponents, and remediation details are not fully...
CVE-2026-11619
Dolibarr ERP CRM up to 23.0.2 is affected by a vulnerability in the Legacy Filemanager component (file: htdocs/core/filemanagerdol/connectors/php/config.inc.php) that leads to improper authorization. Attack can be initiated remotely; a public exploit is available. Remedy: upgrade to 23.0.3 (patch...
CVE-2026-5714
The CVE-2026-5714 entry concerns the WordPress Enable Media Replace plugin. A stored cross-site scripting vulnerability exists via the location_dir parameter in all versions up to 4.1.8, caused by insufficient input sanitization and output escaping. This allows authenticated attackers with Author...
CVE-2026-7556
The FV Flowplayer Video Player plugin for WordPress is affected by a Stored Cross-Site Scripting (XSS) vulnerability in all versions up to 7.5.49.7212. The issue arises from insufficient input sanitization and output escaping in comment text, allowing unauthenticated attackers to inject web scrip...
CVE-2026-11618
DTStack Taier up to v1.4.0 is affected by an improper authentication issue in the LoginInterceptor.preHandle (taier-data-develop/src/main/java/com/dtstack/taier/develop/interceptor/LoginInterceptor.java) within the Source Connection Test Endpoint. The vulnerability can be abused remotely; public ...
CVE-2026-10862
CVE-2026-10862 affects the WordPress plugin Accordions (versions up to and including 2.3.23). The root cause is insufficient input sanitization and output escaping in the Accordion body field, enabling authenticated attackers with Custom-level access or higher to perform Stored Cross-Site Scripti...
CVE-2026-8795
The issue affects Rapid7 Velociraptor’s Windows.Collectors.Remapping artifact prior to version 0.76.6. In collection ZIPs, the hostname field from client_info.json is inserted into a YAML template via Go's text/template without escaping. An attacker supplying a crafted collection ZIP can use lite...
CVE-2026-44757
CVE-2026-44757 affects SAP Wily Introscope Enterprise Manager. The vulnerability is a Cross-Site Scripting (XSS) issue where an unauthenticated attacker can craft a specially crafted URL. When a victim visits the URL, injected script could execute in the user’s browser within the application cont...
CVE-2026-44755
CVE-2026-44755 affects SAP Business Objects Business Intelligence Platform. The issue arises from insufficient validation of email sending parameters by authenticated users, enabling email spoofing. Impact is described as low for integrity and no impact on confidentiality or availability (CVSS v3...
CVE-2026-44754
The CVE-2026-44754 issue affects SAP’s Operational Data Provisioning (ODP) RFC APIs, where RFC modules fail to perform caller identification for allowed SAP-internal applications. This allows customer/third-party applications to use ODP-RFC functionality in ways not aligned with its intended usag...
CVE-2026-44751
CVE-2026-44751 affects the SAP NetWeaver ABAP Platform/application server ABAP. The issue is a missing authorization check for authenticated users, enabling a user to execute a report generation command and potentially overwrite another user’s information, resulting in privilege escalation. Impac...
CVE-2026-44750
CVE-2026-44750 affects SAP MDG (Review Match Groups Application) due to missing authorization checks for authenticated users, enabling a low-privileged user to perform restricted actions and escalate privileges. Impact is described as low integrity impact; confidentiality and availability are not...
CVE-2026-44748
CVE-2026-44748 affects SAP NetWeaver Application Server ABAP and ABAP Platform. The connected documents describe an XML Signature Wrapping vulnerability in SAML authentication, where an authenticated user with normal privileges can obtain a valid signed message and submit modified signed XML to t...
CVE-2026-44746
An XSS vulnerability (reflected) in SAP NetWeaver Java (JDBC Test Servlet) allows an unauthenticated attacker to craft a URL containing malicious script. If a victim clicks the link, the injected input is processed during web page generation, causing the attacker’s code to run in the victim’s bro...
CVE-2026-44744
Affected software : SAP S/4HANA On-Premise. Vulnerability : SQL injection in a remote-enabled function module component. Root cause / what’s vulnerable : An authenticated attacker could influence SQL queries via the affected function module, potentially enabling unauthorized database queries. Imp...
CVE-2026-44743
CVE-2026-44743 involves SAP Business Objects. Under certain conditions, an unauthorized actor accessing a specific endpoint can leak sensitive information. Impact is described as LOW for confidentiality, with no impact on integrity or availability. The CVSS 3.1 vector is AV:N/AC:H/PR:N/UI:N/S:U/C...
CVE-2026-40128
CVE-2026-40128 concerns SAP NetWeaver Application Server Java (Web Container). An unauthenticated attacker can craft a malicious HTTP logon request that manipulates file inclusion parameters, enabling path traversal and processing of the included file. This could allow viewing or modifying sensit...
CVE-2026-27671
Technical details about CVE-2026-27671 are not publicly available in the provided documents. Monitor for updates from SAP/security advisories.
CVE-2026-24315
SAP Fiori Launchpad is affected by a vulnerability where crafted malicious URLs can trigger arbitrary service calls on the Fiori domain, potentially leading to credential theft after user interaction. Exploitation is described as requiring advanced knowledge of the system, with impact limited to ...
CVE-2026-36783
The CVE-2026-36783 entry concerns Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180). A stack overflow exists in the domain parameter of the fromNetToolGet function, enabling a Denial of Service via a crafted HTTP request. The Red Hat/NVD/CVE records reiterate this descrip...
CVE-2026-36777
CVE-2026-36777 affects Shenzhen Tenda Technology Co., Ltd. Tenda W3 Wireless Router v1.0.0.3(2204). The vulnerability is a stack overflow in the param_1 parameter of the formSetCfm function, leading to a Denial of Service when processing a crafted HTTP request. Multiple connected sources (Red Hat...
CVE-2026-49145
Technical details for CVE-2026-49145 are not publicly available in the provided documents. Monitor for updates from Alpine Linux and openSUSE security advisories.
CVE-2026-36784
CVE-2026-36784 affects Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180). The issue is a stack overflow in the ip parameter of the fromNetToolGet function, enabling a Denial of Service (DoS) via an HTTP request. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) yi...
CVE-2026-44725
EMQX MQTT Broker is affected by CVE-2026-44725, described as a Zip Slip vulnerability enabling arbitrary file write via the plugin installation mechanism. This is reported in PT-2026-47797 advisory, identifying the flaw and impact. The initial CVE details are reserved, but the connected advisory ...
CVE-2026-36721
CVE-2026-36721 affects bookcars v8.3. The root cause is a lack of cryptographic signature verification in the validateAccessToken function, which enables attackers to bypass authentication via a forged JWT token. The CVE is rated with a high impact metric (CVSS v3.1: 9.8, Critical) across confide...
CVE-2026-30141
The CVE-2026-30141 entry concerns bitbank2 AnimatedGIF v2.2.0, where a vulnerability in DecodeLZW constitutes a buffer overflow. This allows remote attackers to cause a crash (DoS) or potentially execute arbitrary code via a crafted GIF file. The available documents specify the affected product a...
CVE-2026-36809
CVE-2026-36809 affects Shenzhen Tenda Technology Co., Ltd. Tenda W15E v15.11.0.10. A buffer overflow in the webAuthWhiteID parameter of the function formModifyWebAuthWhiteUser is described, enabling a Denial of Service via a crafted HTTP request. The documents do not provide exploit code, affecte...
CVE-2026-36805
CVE-2026-36805 affects Shenzhen Tenda Technology Co., Ltd. Tenda G0 v15.11.0.5, with multiple buffer overflows in the Saveqqlist function triggered by the qqStr and markStr parameters. The vulnerabilities can be exploited to cause a Denial of Service (DoS) via a crafted HTTP request. The connecte...
CVE-2026-36779
CVE-2026-36779 affects Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.5(4180). The vulnerability consists of multiple stack overflows in the fromVirtualSer function triggered via parameters puVar2, puVar1, __s2, __s1_00, and puVar3, enabling Denial of Service through a crafted...
CVE-2026-36770
CVE-2026-36770 affects Shenzhen Tenda Technology Co. device: Tenda US_W3V1.0BR v1.0.0.3. The vulnerability is a stack overflow in the Go parameter of the ask_to_reboot function, leading to Denial of Service through a crafted input. CVSS v3.1 base score is 7.5 (Network attack, Low attack complexit...
CVE-2026-49147
Technical details for CVE-2026-49147 are not publicly available in the provided documents. Connected advisories mention fixes in openSUSE ack-3.10.0-1.1 but do not specify this CVE.
CVE-2023-43688
CVE-2023-43688 affects Malwarebytes 4.x and 5.x, and Nebula 2020-10-21 and later. The issue is a heap buffer overflow in various buffer encryption utilities . The CVSS metrics indicate a high base score (7.5) with a network attack vector and no user interaction. Connected documents confirm the af...
CVE-2026-36821
The CVE-2026-36821 entry concerns Shenzhen Tenda Technology Co., Ltd. Tenda W20E devices (v15.11.0.6). A buffer overflow exists in the picCropName parameter of the formCropAndSetWewifiPic function, enabling a Denial of Service (DoS) via a crafted HTTP request. Public sources list this as the affe...
CVE-2023-29146
CVE-2023-29146 affects Malwarebytes EDR 1.0.11 on Linux. The vulnerability lies in the utility functions that compute a cryptographic hash of data bytes: hashing truncates data if it exceeds 4 GB, causing an unsigned 32-bit wrap-around. This can enable attackers to craft a colliding hash value fo...
CVE-2026-36803
The CVE-2026-36803 entry concerns Shenzhen Tenda Technology Co., Ltd. Tenda PW201A v1.0.5, where a buffer overflow in the page parameter of the qossetting function can allow a crafted HTTP request to cause a Denial of Service. The incident is documented across multiple sources (NVD, Red Hat, CVE ...
CVE-2026-36728
Summary: CVE-2026-36728 is described as a markdown-based cross-site scripting (XSS) vulnerability in the AI assistant chat function of FastapiAdmin v2.2.0. The issue enables an attacker to inject a crafted payload into a chat message to execute arbitrary web scripts or HTML. The available sources...
CVE-2025-55651
CVE-2025-55651 describes a NULL pointer dereference in GPAC MP4Box v2.4, within gf_isom_get_user_data_count (isomedia/isom_read.c). The vulnerability can cause a Denial of Service when processing a crafted MP4 file. The connected sources confirm a PoC exists, but no specific patch/version or reme...
CVE-2025-52293
GPAC MP4Box v2.4 contains a DoS vulnerability in the gf_hevc_read_sps_bs_internal function (media_tools/av_parsers.c) when processing crafted HEVC SPS data. This results in a segmentation fault and possible denial of service under network conditions with no user interaction. The CVSS vector indic...
CVE-2026-36773
Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.3(2204) has a stack overflow in the Go parameter of the ask_to_reboot function, causing Denial of Service via crafted input. Affected component: the ask_to_reboot parameter handling. Root cause: stack overflow in Go code. Impact: ...
CVE-2025-55658
GPAC MP4Box 2.4 contains a floating point exception in gf_opus_parse_packet_header (media_tools/av_parsers.c). This flaw can be triggered by a crafted MP4 file, enabling Denial of Service (DoS). Affected component is MP4Box within GPAC; the root cause is an exception in parsing Opus packets. No e...