🚨 CVE-2025-12455
Observable response discrepancy vulnerability in OpenText™ Vertica allows Password Brute Forcing.
The vulnerability could lead to Password Brute Forcing in the Vertica management console application. This issue affects Vertica: from 10.0 through 10.X, from 11.0 through 11.X, from 12.0 through 12.X.
@cveNotify
Microfocus
Security Alert CVE-2025-12455
Username Enumeration Observable Response Discrepancy vulnerability has been discovered in OpenText™ Vertica. The vulnerability could lead to Password Brute Forcing.
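A response-discrepancy check of the kind this advisory describes, as an added example that is not Vertica's code or OpenText's advisory material (Python; the credential store, the PBKDF2 parameters and the response messages are constructed for illustration). The first login handler answers differently, and faster, for an unknown username than for a wrong password; the second keeps status, body and hashing cost identical for both cases; and `leaks_user_existence` is the black-box comparison a tester would run against either.

```python
import hashlib
import hmac


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 20_000)


# Constructed sample credential store (not Vertica's): username -> (salt, PBKDF2 hash)
_SALT = b"constructed-salt"
USERS = {"dbadmin": (_SALT, _hash("correct horse", _SALT))}
# Dummy record used for unknown usernames so the expensive path always runs
_DUMMY = (_SALT, _hash("placeholder", _SALT))


def login_vulnerable(username: str, password: str) -> tuple:
    """Observable discrepancy: a distinct status/message and an early return
    (no hashing at all) when the username does not exist."""
    record = USERS.get(username)
    if record is None:
        return 404, "unknown user"
    salt, expected = record
    if not hmac.compare_digest(_hash(password, salt), expected):
        return 401, "invalid password"
    return 200, "ok"


def login_hardened(username: str, password: str) -> tuple:
    """Same status, same body and the same PBKDF2 work whether or not the
    username exists; only the final boolean differs."""
    salt, expected = USERS.get(username, _DUMMY)
    matches = hmac.compare_digest(_hash(password, salt), expected)
    if not (matches and username in USERS):
        return 401, "invalid username or password"
    return 200, "ok"


def leaks_user_existence(login, known_user: str, probe: str = "no-such-user-7f3a") -> bool:
    """Black-box enumeration check: a wrong password for a real account and a
    wrong password for a nonexistent account must yield identical responses."""
    real = login(known_user, "definitely-wrong")
    fake = login(probe, "definitely-wrong")
    return real != fake


if __name__ == "__main__":
    print("vulnerable handler leaks:", leaks_user_existence(login_vulnerable, "dbadmin"))
    print("hardened handler leaks:", leaks_user_existence(login_hardened, "dbadmin"))
```

On a real target you would compare response time and length as well as status and body; because the hardened handler runs PBKDF2 against a stored hash on both paths, its timing converges too, which the vulnerable handler's early return never does.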
🚨 CVE-2026-28501
WWBN AVideo is an open source video platform. Prior to version 24.0, an unauthenticated SQL Injection vulnerability exists in AVideo within the objects/videos.json.php and objects/video.php components. The application fails to properly sanitize the catName parameter when it is supplied via a JSON-formatted POST request body. Because JSON input is parsed and merged into $_REQUEST after global security checks are executed, the payload bypasses the existing sanitization mechanisms. This issue has been patched in version 24.0.
GitHub
fix:/ Unauthenticated SQL Injection · WWBN/AVideo@0c10be6
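The ordering bug the description names, reproduced as an added example that is not AVideo's code (Python with an in-memory SQLite table; the `videos` rows, the `global_security_check` filter and the endpoint functions are constructed stand-ins). In the vulnerable pipeline the app-wide filter runs over the form parameters, and only afterwards is the JSON body merged into the request, so a `catName` sent as JSON reaches the string-built query unfiltered. The fixed version binds the value as a query parameter, so the parse order no longer matters.

```python
import json
import sqlite3


def build_db() -> sqlite3.Connection:
    """Constructed sample table: a public and a private video in 'talks', one private draft."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE videos(id INTEGER, title TEXT, category TEXT, is_private INTEGER);
        INSERT INTO videos VALUES (1, 'public talk', 'talks', 0);
        INSERT INTO videos VALUES (2, 'internal keynote', 'talks', 1);
        INSERT INTO videos VALUES (3, 'draft', 'drafts', 1);
    """)
    return db


def global_security_check(params: dict) -> dict:
    """Stand-in for an app-wide filter that runs once, early, over the request
    parameters (here it doubles single quotes)."""
    return {k: v.replace("'", "''") for k, v in params.items()}


def collect_params_vulnerable(form: dict, json_body) -> dict:
    request = global_security_check(dict(form))
    if json_body:
        # Merged AFTER the filter already ran: JSON-supplied values are never filtered.
        request.update(json.loads(json_body))
    return request


def public_video_ids_vulnerable(db, form: dict, json_body) -> list:
    p = collect_params_vulnerable(form, json_body)
    # String-built query: whatever survived (or skipped) the filter is spliced in.
    sql = f"SELECT id FROM videos WHERE is_private = 0 AND category = '{p['catName']}'"
    return [row[0] for row in db.execute(sql)]


def public_video_ids_fixed(db, form: dict, json_body) -> list:
    p = dict(form)
    if json_body:
        p.update(json.loads(json_body))
    # Bound parameter: the value cannot change the query's structure, whichever
    # source it came from and whenever it was merged.
    sql = "SELECT id FROM videos WHERE is_private = 0 AND category = ?"
    return [row[0] for row in db.execute(sql, (p["catName"],))]


# Constructed injection payload delivered in a JSON body.
PAYLOAD = json.dumps({"catName": "talks' OR '1'='1"})
```

For a plain `catName=talks` the vulnerable endpoint returns only video 1, and the same payload sent as a form field is neutralized by the filter; sent in the JSON body it returns all three rows, private ones included. The fixed endpoint returns an empty list for the payload because no category is literally named that.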
🚨 CVE-2026-28502
WWBN AVideo is an open source video platform. Prior to version 24.0, an authenticated Remote Code Execution (RCE) vulnerability was identified in AVideo related to the plugin upload/import functionality. The issue allowed an authenticated administrator to upload a specially crafted ZIP archive containing executable server-side files. Due to insufficient validation of extracted file contents, the archive was extracted directly into a web-accessible plugin directory, allowing arbitrary PHP code execution. This issue has been patched in version 24.0.
GitHub
Security: Authenticated Remote Code Execution · WWBN/AVideo@b739aee
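The extraction-time validation whose absence the advisory describes, as an added example that is not AVideo's code (Python; the extension allow-list and block-list, the plugin directory path and the in-memory archives are constructed for illustration). Every entry is checked before anything is written: the resolved path must stay inside the target directory and the file type must be on the allow-list, so an archive carrying a `.php` file, a double extension like `shell.php.txt`, an `.htaccess`, or a `../` entry is refused as a whole rather than partially extracted into a web-accessible directory.

```python
import io
import os
import zipfile

# Constructed policy: what a plugin archive may contain (no server-executable files).
ALLOWED_EXTENSIONS = {".json", ".js", ".css", ".png", ".jpg", ".svg", ".html", ".md", ".txt"}
BLOCKED_EXTENSIONS = {".php", ".phtml", ".phar", ".php5", ".php7", ".inc", ".htaccess"}


def validate_archive_entries(zf: zipfile.ZipFile, dest: str) -> list:
    """Return the relative paths that are safe to extract, or raise ValueError
    naming the first offending entry. Nothing is written here."""
    dest = os.path.realpath(dest)
    safe = []
    for info in zf.infolist():
        name = info.filename
        if name.endswith("/"):
            continue  # directory entries are created implicitly on extraction
        if "\\" in name or os.path.isabs(name):
            raise ValueError(f"absolute or non-POSIX path: {name!r}")
        target = os.path.realpath(os.path.join(dest, name))
        if os.path.commonpath([dest, target]) != dest:
            raise ValueError(f"path escapes plugin directory: {name!r}")
        base = os.path.basename(name)
        ext = os.path.splitext(base)[1].lower()
        # Look at every suffix so 'shell.php.txt' and '.htaccess' are caught as well.
        suffixes = {"." + part.lower() for part in base.split(".")[1:]} | {base.lower()}
        if ext not in ALLOWED_EXTENSIONS or suffixes & BLOCKED_EXTENSIONS:
            raise ValueError(f"disallowed file type: {name!r}")
        safe.append(name)
    return safe


def install_plugin(archive_bytes: bytes, dest: str) -> list:
    """Validate the whole archive first, then extract only the vetted entries."""
    with zipfile.ZipFile(io.BytesIO(archive_bytes)) as zf:
        names = validate_archive_entries(zf, dest)
        os.makedirs(dest, exist_ok=True)
        for name in names:
            out = os.path.join(dest, name)
            os.makedirs(os.path.dirname(out), exist_ok=True)
            with zf.open(name) as src, open(out, "wb") as dst:
                dst.write(src.read())
    return names


def make_archive(files: dict) -> bytes:
    """Build a constructed in-memory zip from {path: content}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for path, content in files.items():
            zf.writestr(path, content)
    return buf.getvalue()


def archive_is_rejected(files: dict, dest: str = "/tmp/constructed-plugin-dir") -> bool:
    try:
        with zipfile.ZipFile(io.BytesIO(make_archive(files))) as zf:
            validate_archive_entries(zf, dest)
        return False
    except ValueError:
        return True
```

Validating before extracting matters as much as the checks themselves: an extractor that inspects entries one at a time while writing them has already placed the first malicious file by the time it rejects the second.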
🚨 CVE-2026-29046
TinyWeb is a web server (HTTP, HTTPS) written in Delphi for Win32. Prior to version 2.04, TinyWeb accepts request header values and later maps them into CGI environment variables (HTTP_*). The parser did not strictly reject dangerous control characters in header lines and header values, including CR, LF, and NUL, and did not consistently defend against encoded forms such as %0d, %0a, and %00. This can enable header value confusion across parser boundaries and may create unsafe data in the CGI execution context. This issue has been patched in version 2.04.
GitHub
Harden HTTP header parsing for complete control-byte blocking · maximmasiutin/TinyWeb@53aa8b6
TinyWeb is a small yet fully functional web server (HTTP, HTTPS) written in Delphi for Win32 by Maxim Masiutin. First version released in 1997.
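The parser hardening the fix describes, as an added example that is not TinyWeb's code (Python rather than Delphi; the header blocks are constructed). The function takes a raw request header block, rejects any name or value containing NUL, bare CR, LF or another C0 control byte, rejects the percent-encoded forms `%00`, `%0a` and `%0d` outright because a downstream CGI or proxy may decode them again, and only then maps the surviving headers onto CGI `HTTP_*` environment names, with the usual `Content-Type`/`Content-Length` exceptions.

```python
import re

# Percent-encoded control bytes that a later parser may decode into the real thing.
_ENCODED_CONTROL = re.compile(rb"%(?:00|0[aAdD])")
# RFC 7230 header-name token characters.
_TOKEN = re.compile(rb"^[!#$%&'*+\-.^_`|~0-9A-Za-z]+$")


def _check_field_bytes(raw: bytes, what: str) -> None:
    for b in raw:
        # NUL, CR, LF and every other C0 control except HTAB, plus DEL.
        if (b < 0x20 and b != 0x09) or b == 0x7F:
            raise ValueError(f"control byte 0x{b:02x} in header {what}")
    if _ENCODED_CONTROL.search(raw):
        raise ValueError(f"encoded control sequence in header {what}")


def headers_to_cgi_env(header_block: bytes) -> dict:
    """Parse 'Name: value' lines (CRLF or LF separated) into CGI environment
    variables, raising ValueError instead of passing dangerous bytes through."""
    env = {}
    for line in header_block.split(b"\n"):
        if line.endswith(b"\r"):
            line = line[:-1]
        if not line:
            continue
        if line[:1] in (b" ", b"\t"):
            raise ValueError("obsolete line folding is not accepted")
        name, sep, value = line.partition(b":")
        if not sep or not _TOKEN.match(name):
            raise ValueError(f"malformed header line {line!r}")
        value = value.strip(b" \t")
        _check_field_bytes(name, "name")
        _check_field_bytes(value, "value")
        key = name.decode("ascii").upper().replace("-", "_")
        if key in ("CONTENT_TYPE", "CONTENT_LENGTH"):
            env[key] = value.decode("latin-1")          # CGI names these without HTTP_
        else:
            env["HTTP_" + key] = value.decode("latin-1")
    return env


def header_block_is_rejected(header_block: bytes) -> bool:
    try:
        headers_to_cgi_env(header_block)
        return False
    except ValueError:
        return True
```

Rejecting `%0a` unconditionally is the conservative choice the fix above takes; a server that must accept such sequences in, say, a Referer would instead decode once and run the same byte check on the decoded value.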
🚨 CVE-2025-12189
The Bread & Butter: Gate content + Capture leads + Collect first-party data + Nurture with Ai agents plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 7.10.1321. This is due to missing or incorrect nonce validation on the uploadImage() function. This makes it possible for unauthenticated attackers to upload arbitrary files that make remote code execution possible via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
GitHub
GitHub - d0n601/CVE-2025-12189: Bread & Butter: Gate content + Capture leads + Collect first-party data + Nurture with Ai agents <= 7.10.1321 - Cross-Site Request Forgery to Arbitrary File Upload
🚨 CVE-2026-3606
A vulnerability has been found in Ettercap 0.8.4-Garofalo. Affected by this vulnerability is the function add_data_segment of the file src/ettercap/utils/etterfilter/ef_output.c of the component etterfilter. The manipulation leads to out-of-bounds read. Local access is required for this attack. The exploit has been disclosed to the public and may be used. The project was informed of the problem early through an issue report but has not responded yet.
GitHub
GitHub - Ettercap/ettercap: Ettercap Project
🚨 CVE-2026-21536
Microsoft Devices Pricing Program Remote Code Execution Vulnerability
🚨 CVE-2026-23651
Permissive regular expression in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
🚨 CVE-2026-26122
Initialization of a resource with an insecure default in Azure Compute Gallery allows an authorized attacker to disclose information over a network.
🚨 CVE-2026-26124
'.../...//' in Azure Compute Gallery allows an authorized attacker to elevate privileges locally.
🚨 CVE-2025-54236
Adobe Commerce versions 2.4.9-alpha2, 2.4.8-p2, 2.4.7-p7, 2.4.6-p12, 2.4.5-p14, 2.4.4-p15 and earlier are affected by an Improper Input Validation vulnerability. A successful attacker can abuse this to achieve session takeover, increasing the confidentiality and integrity impact to high. Exploitation of this issue does not require user interaction.
Adobe
Adobe Security Bulletin
Security Updates Available for Adobe Commerce | APSB25-88
🚨 CVE-2026-26731
TOTOLINK A3002RU V2.1.1-B20211108.1455 was discovered to contain a stack-based buffer overflow via the routernamer parameter in the formDnsv6 function.
GitHub
cve/TOTOLINK-A3002RU-boa-formDnsv6-StackOverflow at main · 0xmania/cve
🚨 CVE-2026-2861
A vulnerability was detected in Foswiki up to 2.1.10. The affected element is an unknown function of the component Changes/Viewfile/Oops. The manipulation results in information disclosure. It is possible to launch the attack remotely. The exploit is now public and may be used. Upgrading to version 2.1.11 is sufficient to fix this issue. The patch is identified as 31aeecb58b64/d8ed86b10e46. Upgrading the affected component is recommended.
🚨 CVE-2026-27142
Actions which insert URLs into the content attribute of HTML meta tags are not escaped. This can allow XSS if the meta tag also has an http-equiv attribute with the value "refresh". A new GODEBUG setting has been added, htmlmetacontenturlescape, which can be used to disable escaping URLs in actions in the meta content attribute which follow "url=" by setting htmlmetacontenturlescape=0.
🚨 CVE-2026-31884
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, division by zero in MS-ADPCM and IMA-ADPCM decoders when nBlockAlign is 0, leading to a crash. In libfreerdp/codec/dsp.c, both ADPCM decoders use size % block_size where block_size = context->common.format.nBlockAlign. The nBlockAlign value comes from the Server Audio Formats PDU on the RDPSND channel. The value 0 is not validated anywhere before reaching the decoder. When nBlockAlign = 0, the modulo operation causes a SIGFPE (floating point exception) crash. This vulnerability is fixed in 3.24.0.
GitHub
[codec,dsp] add format checks · FreeRDP/FreeRDP@03b48b3
To avoid issues with invalid audio format settings always check before use.
🚨 CVE-2026-31885
FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.24.0, there is an out-of-bounds read in MS-ADPCM and IMA-ADPCM decoders due to unchecked predictor and step_index values from input data. This vulnerability is fixed in 3.24.0.
GitHub
[codec,dsp] fix array bounds checks · FreeRDP/FreeRDP@16df230
* assert array indices where caller value is an internal constant
* add missing length/bounds checks
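Both FreeRDP entries above concern the same decoder path, so one added example covers them: an IMA-ADPCM block decoder in Python (an illustration, not FreeRDP's C code; the block layout is the standard 4-byte header of int16 predictor, uint8 step index and a reserved byte followed by packed 4-bit samples, and all sample data is constructed). It validates the block alignment before the `size % block_align` step that crashed with 0 (CVE-2026-31884) and bounds-checks the step index read from each block header before it indexes the step table (CVE-2026-31885); an MS-ADPCM decoder would apply the same check to its predictor index against its coefficient table.

```python
# Standard IMA-ADPCM step table (89 entries) and index adjustment table.
STEP_TABLE = [
    7, 8, 9, 10, 11, 12, 13, 14, 16, 17, 19, 21, 23, 25, 28, 31,
    34, 37, 41, 45, 50, 55, 60, 66, 73, 80, 88, 97, 107, 118, 130, 143,
    157, 173, 190, 209, 230, 253, 279, 307, 337, 371, 408, 449, 494, 544, 598, 658,
    724, 796, 876, 963, 1060, 1166, 1282, 1411, 1552, 1707, 1878, 2066, 2272, 2499, 2749, 3024,
    3327, 3660, 4026, 4428, 4871, 5358, 5894, 6484, 7132, 7845, 8630, 9493, 10442, 11487, 12635, 13899,
    15289, 16818, 18500, 20350, 22385, 24623, 27086, 29794, 32767,
]
INDEX_TABLE = [-1, -1, -1, -1, 2, 4, 6, 8]
HEADER_SIZE = 4  # int16 predictor, uint8 step index, uint8 reserved


def _decode_nibble(predictor: int, step_index: int, nibble: int) -> tuple:
    step = STEP_TABLE[step_index]  # step_index is guaranteed 0..88 by the caller
    diff = step >> 3
    if nibble & 1:
        diff += step >> 2
    if nibble & 2:
        diff += step >> 1
    if nibble & 4:
        diff += step
    if nibble & 8:
        diff = -diff
    predictor = max(-32768, min(32767, predictor + diff))
    step_index = max(0, min(88, step_index + INDEX_TABLE[nibble & 7]))
    return predictor, step_index


def decode_ima_adpcm_mono(data: bytes, block_align: int) -> list:
    """Decode packed IMA-ADPCM blocks into 16-bit PCM samples."""
    # block_align is peer-controlled (nBlockAlign in the audio format); reject it
    # before any '% block_align' so 0 cannot reach a divide/modulo.
    if block_align <= HEADER_SIZE:
        raise ValueError(f"invalid block align {block_align}")
    if len(data) % block_align != 0:
        raise ValueError("data does not contain a whole number of blocks")
    samples = []
    for offset in range(0, len(data), block_align):
        block = data[offset:offset + block_align]
        predictor = int.from_bytes(block[0:2], "little", signed=True)
        step_index = block[2]
        # The header's step index comes from the wire; validate it before it
        # indexes STEP_TABLE.
        if step_index >= len(STEP_TABLE):
            raise ValueError(f"step index {step_index} out of range")
        samples.append(predictor)
        for byte in block[HEADER_SIZE:]:
            for nibble in (byte & 0x0F, byte >> 4):  # low nibble first
                predictor, step_index = _decode_nibble(predictor, step_index, nibble)
                samples.append(predictor)
    return samples


def decode_rejects(data: bytes, block_align: int) -> bool:
    """True when the decoder refuses the input instead of crashing on it."""
    try:
        decode_ima_adpcm_mono(data, block_align)
        return False
    except ValueError:
        return True
```

The Python analogue of the SIGFPE is a ZeroDivisionError on `len(data) % 0`; the guard turns both the zero alignment and the oversized step index into an ordinary rejected-input error rather than a crash in the client.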
🚨 CVE-2026-32097
PingPong is a platform for using large language models (LLMs) for teaching and learning. Prior to 7.27.2, an authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user-uploaded files and model-generated output files. Exploitation required authentication and permission to view at least one thread for retrieval, and authentication and permission to participate in at least one thread for deletion. This vulnerability is fixed in 7.27.2.
GitHub
PingPong: Improper access control in thread file endpoints could allow access outside intended scope
### Impact
An authenticated user may be able to retrieve or delete files outside the intended authorization scope. This issue could result in retrieval or deletion of private files, including user...
🚨 CVE-2026-32130
ZITADEL is an open source identity management platform. From 2.68.0 to before 3.4.8 and 4.12.2, Zitadel provides a System for Cross-domain Identity Management (SCIM) API to provision users from external providers into Zitadel. Requests to the API with URL-encoded path values were correctly routed but bypassed the necessary authentication and permission checks. This allowed unauthenticated attackers to retrieve sensitive information such as names, email addresses, phone numbers, addresses, external IDs, and roles. Note that due to additional checks when manipulating data, an attacker could not modify or delete any user data. This vulnerability is fixed in 3.4.8 and 4.12.2.
GitHub
Release v3.4.8 · zitadel/zitadel
3.4.8 (2026-03-11)
Bug Fixes
api: permission checks for some management API endpoints (e891eb8)
handle encoded paths in auth middleware (d873a7e)
webauthn: expire invite code by creation date (ad8...
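The middleware mismatch the advisory describes, as an added example that is not ZITADEL's code (Python; the `/scim/v2/` prefix as the protected route, the token check and the route table are constructed stand-ins). The vulnerable check matches the protected prefix against the raw request path while the router matches the decoded path, so `/scim%2Fv2/Users` reaches the SCIM handler without ever passing the auth check; the fixed check canonicalizes the path the same way the router does, so both layers see the same string.

```python
import posixpath
from urllib.parse import unquote

PROTECTED_PREFIXES = ("/scim/v2/",)  # constructed: routes that require a token
ROUTES = {"/scim/v2/Users": "scim_users", "/healthz": "health"}  # constructed route table


def canonical_path(raw_path: str) -> str:
    """Percent-decode (twice, to also catch double encoding), then collapse '.',
    '..' and duplicate slashes. Shared by the router and the fixed auth check."""
    decoded = unquote(unquote(raw_path.split("?", 1)[0]))
    norm = posixpath.normpath(decoded)
    if not norm.startswith("/"):
        norm = "/" + norm
    return norm


def requires_auth_vulnerable(raw_path: str) -> bool:
    # Compares the raw, still-encoded path: '/scim%2Fv2/Users' does not match.
    return raw_path.startswith(PROTECTED_PREFIXES)


def requires_auth_fixed(raw_path: str) -> bool:
    # Same canonical form as the router, so there is no string the router
    # recognizes that the auth check does not.
    return canonical_path(raw_path).startswith(PROTECTED_PREFIXES)


def handle(raw_path: str, token, auth_check) -> tuple:
    """Returns (status, handler name); `auth_check` is the middleware under test."""
    if auth_check(raw_path) and token is None:
        return 401, None
    handler = ROUTES.get(canonical_path(raw_path))
    if handler is None:
        return 404, None
    return 200, handler
```

The general rule this illustrates: an authorization decision must be taken on exactly the representation the dispatcher uses, never on an earlier, differently normalized copy of the request.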
🚨 CVE-2026-32131
ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a vulnerability in Zitadel's Management API has been reported, which allowed authenticated users holding a valid low-privilege token (e.g., project.read, project.grant.read, or project.app.read) to retrieve management-plane information belonging to other organizations by specifying a different tenant's project_id, grant_id, or app_id. This vulnerability is fixed in 3.4.8 and 4.12.2.
GitHub
Release v3.4.8 · zitadel/zitadel
🚨 CVE-2026-32132
ZITADEL is an open source identity management platform. Prior to 3.4.8 and 4.12.2, a potential vulnerability exists in Zitadel's passkey registration endpoints. This endpoint allows registering a new passkey using a previously retrieved code. An improper expiration check of the code could allow an attacker to register their own passkey and gain access to the victim's account. This vulnerability is fixed in 3.4.8 and 4.12.2.
GitHub
Release v3.4.8 · zitadel/zitadel
🚨 CVE-2012-6430
Cross-site scripting (XSS) vulnerability in Open Solution Quick.Cms 5.0 and Quick.Cart 6.0, possibly as downloaded before December 19, 2012, allows remote attackers to inject arbitrary web script or HTML via the PATH_INFO to admin.php. NOTE: this might be a duplicate of CVE-2008-4140.