Tagged: Cybersecurity Alert

Use-after-free in the WebRTC component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2021769

Uninitialized memory in the Audio/Video: Web Codecs component. This vulnerability was fixed in Firefox 150, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2022604

Information disclosure due to uninitialized memory in the Graphics: Canvas2D component. This vulnerability was fixed in Firefox 150, Firefox ESR 115.35, Firefox ESR 140.10, Thunderbird 150, and Thunderbird 140.10. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2022610

Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in Erlang OTP ssh (ssh_sftpd module) allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP...

This vulnerability exists in Quantum Networks router due to lack of enforcement of strong password policies in the web-based management interface. An attacker on the same network could exploit this vulnerability by performing password...

This vulnerability exists in Quantum Networks router due to improper access control and insecure default configuration in the web-based management interface. An unauthenticated attacker could exploit this vulnerability by accessing exposed API endpoints on...

Changing backend users’ passwords via the user settings module results in storing the cleartext password in the uc and user_settings fields of the be_users database table. This issue affects TYPO3 CMS version 14.2.0. More...

Reflected Cross-Site Scripting (XSS) vulnerability in Navigate Content Management System. The vulnerability is present in the ‘/blog’ endpoint because user input is not properly sanitized through designed query parameters. This results in unsafe HTML...

This vulnerability exists in Quantum Networks router due to inadequate sanitization of user-supplied input in the management CLI interface. An authenticated remote attacker could exploit this vulnerability by injecting arbitrary OS commands on the...

This vulnerability exists in Quantum Networks router due to missing rate limiting and CAPTCHA protection for failed login attempts in the web-based management interface. An attacker on the same network could exploit this vulnerability...

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through 3.106.0. More information : https://patchstack.com/database/wordpress/plugin/ml-slider/vulnerability/wordpress-responsive-slider-by-metaslider-plugin-3-106-0-php-object-injection-vulnerability?_s_id=cve

PcManager is affected by type privilege bypass, successful exploitation of this vulnerability may affect service availability More information : https://www.honor.com/global/security/CVE-2026-31369/

Honor E APP is affected by information leak vulnerability, successful exploitation of this vulnerability may affect service confidentiality. More information : https://www.honor.com/global/security/CVE-2026-31370/

The Responsive Blocks – Page Builder for Blocks & Patterns plugin for WordPress is vulnerable to unauthorized access in all versions up to, and including, 2.2.1. This is due to the plugin not properly...