Common Vulnerabilities and Exposures (CVE)

CVE-2026-4534

Mar 22, 2026 03:32:11 UTC

A flaw has been found in Tenda FH451 1.0.0.9. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. This manipulation of the argument GO causes stack-based buffer overflow. The attack can be initiated remotely. The expl...

CVE-2026-3427

Mar 22, 2026 03:26:35 UTC

The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the `jsonText` block attribute in all versions up to, and including, 27.1.1 due to insufficient i...

CVE-2026-4314

Mar 22, 2026 03:26:34 UTC

The 'The Ultimate WordPress Toolkit – WP Extended' plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 3.2.4. This is due to the `isDashboardOrProfileRequest()` method in the Menu Editor module u...

CVE-2024-1139

Mar 22, 2026 02:56:44 UTC

A credentials leak vulnerability was found in the cluster monitoring operator in OCP. This issue may allow a remote attacker who has basic login credentials to check the pod manifest to discover a repository pull secret.

CVE-2026-33549

Mar 22, 2026 02:24:29 UTC

SPIP 4.4.10 through 4.4.12 before 4.4.13 allows unintended privilege assignment (of administrator privileges) during the editing of an author data structure because of STATUT mishandling.

CVE-2025-71276

Mar 22, 2026 02:23:53 UTC

SOGo before 5.12.5 is prone to a XSS vulnerability with events, tasks, and contacts categories.

CVE-2026-33550

Mar 22, 2026 02:23:27 UTC

SOGo before 5.12.5 does not renew the OTP if a user disables/enables it, and has a too short length (only 12 digits instead of the 20 recommended).

CVE-2026-4533

Mar 22, 2026 02:02:11 UTC

A vulnerability was detected in code-projects Simple Food Ordering System 1.0. Affected by this issue is some unknown functionality of the file all-tickets.php. The manipulation of the argument Status results in sql injection. It is possibl...

CVE-2026-4532

Mar 22, 2026 01:32:14 UTC

A security vulnerability has been detected in code-projects Simple Food Ordering System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /food/sql/food.sql of the component Database Backup Handler. The manip...

CVE-2026-4531

Mar 22, 2026 01:32:11 UTC

A weakness has been identified in Free5GC 4.1.0. Affected is the function HandleRegistrationComplete of the file internal/gmm/handler.go of the component AMF. Executing a manipulation can lead to denial of service. The attack may be perform...

CVE-2019-25589

Mar 22, 2026 00:15:31 UTC

ZOC Terminal 7.23.4 contains a buffer overflow vulnerability in the Shell field of Program Settings that allows local attackers to crash the application by supplying an excessively long string. Attackers can paste a crafted payload into the...

CVE-2019-25588

Mar 22, 2026 00:15:31 UTC

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the DNS Address field that allows local attackers to crash the application by supplying an excessively long string. Attackers can enable the DNS Address option...

CVE-2019-25587

Mar 22, 2026 00:15:30 UTC

BulletProof FTP Server 2019.0.0.50 contains a denial of service vulnerability in the Storage-Path configuration parameter that allows local attackers to crash the application by supplying an excessively long string value. Attackers can enab...

CVE-2019-25586

Mar 22, 2026 00:15:29 UTC

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the URL field. Attackers can paste a buffer of 5000 characters into the 'From URL' fiel...

CVE-2019-25585

Mar 22, 2026 00:15:28 UTC

Deluge 1.3.15 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string in the Webseeds field. Attackers can paste a buffer of 5000 bytes into the Webseeds field ...