417654 matches found
EUVD-2026-39787
Kernel software installed and running inside a Host VM may post improper commands to the GPU Firmware to trigger a memory read or write outside the permitted range of memory for the host kernel. Addresses passed to the GPU Firmware can be used by the Firmware for more privileged memory accesses...
EUVD-2026-39786
Unauthenticated remote information disclosure vulnerability in Ollama's model quantization engine allows an attacker to read and exfiltrate the server's heap memory, potentially leading to sensitive data exposure, further compromise, and stealthy persistence...
EUVD-2026-39785
A web page that contains unusual GPU shader code is loaded into the GPU compiler process and can trigger a write out-of-bounds write crash in the GPU shader compiler library. On certain platforms, when the compiler process has system privileges this could enable further exploits on the device. An...
EUVD-2026-39671
Sales Representative SQL Injection in Groundhogg = 4.5 versions...
EUVD-2026-39670
Unauthenticated Insecure Direct Object References IDOR in GravityView = 3.0.0 versions...
EUVD-2026-39669
Unauthenticated Sensitive Data Exposure in Bopo – WooCommerce Product Bundle Builder = 1.1.6 versions...
EUVD-2026-39668
Contributor SQL Injection in Recipe Maker For Your Food Blog from Zip Recipes = 8.2.7 versions...
EUVD-2026-39667
Contributor SQL Injection in Contest Gallery = 30.0.0 versions...
EUVD-2026-39665
Unauthenticated Broken Access Control in Booking and Rental Manager = 2.7.1 versions...
EUVD-2026-39666
Subscriber Broken Access Control in WPComplete = 2.9.5.5 versions...
EUVD-2026-39664
Unauthenticated Cross Site Request Forgery CSRF in Paid Memberships Pro - Add Member From Admin = 0.7.2 versions...
EUVD-2026-39662
Unauthenticated Cross Site Request Forgery CSRF in Gmail SMTP = 1.2.3.19 versions...
EUVD-2026-39663
Administrator Arbitrary File Upload in TemplateSpare = 4.2.0 versions...
EUVD-2026-39771
Author Cross Site Scripting XSS in Hester Core = 1.1.8 versions...
EUVD-2026-39769
Affiliate Broken Access Control in Affiliates Manager = 2.9.49 versions...
EUVD-2026-39770
Unauthenticated Cross Site Request Forgery CSRF in Child Theme Wizard = 1.4 versions...
EUVD-2026-39768
Contributor SQL Injection in WP Job Portal = 2.5.2 versions...
EUVD-2026-39767
Unauthenticated Insecure Direct Object References IDOR in JS Help Desk = 3.1.0 versions...
EUVD-2026-39766
Contributor Cross Site Scripting XSS in Ghost Kit = 3.6.0 versions...
EUVD-2026-39765
Contributor Cross Site Scripting XSS in Magazine Blocks = 1.8.3 versions...
EUVD-2026-39763
Contributor Broken Access Control in Nelio Content = 4.3.4 versions...
EUVD-2026-39764
Subscriber Broken Access Control in Shoppable Images Lite = 1.3 versions...
EUVD-2026-39762
Contributor Local File Inclusion in Panorama Viewer – 360 Degree Image + Video Viewer = 1.6.1 versions...
EUVD-2026-39761
Subscriber Insecure Direct Object References IDOR in Majestic Support = 1.1.7 versions...
EUVD-2026-39760
newsletterssubscribers Broken Access Control in Newsletters = 4.13 versions...
EUVD-2026-39758
Contributor SQL Injection in WP Post Author = 3.9.1 versions...
EUVD-2026-39759
Contributor SQL Injection in Restaurant Menu by MotoPress = 2.4.10 versions...
EUVD-2026-39757
Contributor SQL Injection in Gallery = 4.7.8 versions...
EUVD-2026-39755
Subscriber Broken Access Control in MasterStudy LMS = 3.7.30 versions...
EUVD-2026-39756
Unauthenticated Cross Site Request Forgery CSRF in Real Estate 7 = 3.5.9 versions...
EUVD-2026-39754
Contributor Cross Site Scripting XSS in Fluent Booking = 2.1.0 versions...
EUVD-2026-39752
Contributor SQL Injection in wpForo Forum = 3.0.9 versions...
EUVD-2026-39753
Unauthenticated Cross Site Request Forgery CSRF in Abandoned Cart Lite for WooCommerce = 6.8.0 versions...
EUVD-2026-39751
Unauthenticated Cross Site Request Forgery CSRF in FunnelKit Payment Gateway for Stripe WooCommerce = 1.14.0.3 versions...
EUVD-2026-39749
Unauthenticated Sensitive Data Exposure in WCBoost Products Compare = 1.1.0 versions...
EUVD-2026-39750
Contributor Insecure Direct Object References IDOR in PPWP = 1.9.19 versions...
EUVD-2026-39748
Subscriber Broken Access Control in Email Marketing for WooCommerce by Omnisend = 1.19.0 versions...
EUVD-2026-39747
Administrator SQL Injection in Popup box = 6.0.1 versions...
EUVD-2026-39746
Unauthenticated Insecure Direct Object References IDOR in Blocksy Companion Pro = 2.1.46 versions...
EUVD-2026-39745
Contributor Cross Site Scripting XSS in StatCounter = 2.1.1 versions...
EUVD-2026-39743
Subscriber Server Side Request Forgery SSRF in Kirki = 6.0.11 versions...
EUVD-2026-39744
Administrator SQL Injection in WP All Import = 4.0.1 versions...
EUVD-2026-39742
Subscriber Broken Access Control in WPCafe = 3.0.14 versions...
EUVD-2026-39741
Contributor Cross Site Scripting XSS in Neve PRO = 3.1.2 versions...
EUVD-2026-39740
Contributor Cross Site Scripting XSS in SeedProd Pro 6.19.5 versions...
EUVD-2026-39739
Author Cross Site Scripting XSS in Featured Image = 2.1 versions...
EUVD-2026-39737
Unauthenticated Cross Site Scripting XSS in NanoMag = 1.8 versions...
EUVD-2026-39738
Contributor Broken Access Control in SEOPress PRO = 9.1.1 versions...
EUVD-2026-39736
Unauthenticated Broken Access Control in GIFT4U = 1.0.10 versions...
EUVD-2026-39735
Unauthenticated Broken Access Control in Flash & HTML5 Video = 2.11.0 versions...