CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST - in English
CISA KEV catalog updated: (v2026.07.10)
Zephyr's TCP stack has a use-after-free vulnerability in net_tcp_foreach(). Releasing tcp_lock during callback iteration allows a concurrent thread to free the next list element, leading to dereferencing freed memory. The bug exists in the TCP2 stack from 2020 up to v4.4.0.
Versions of Elizaibots <= 1.0.2 are vulnerable to Cross Site Scripting (XSS), allowing attackers to inject malicious code into the application.
There is a Cross Site Scripting (XSS) vulnerability in WP Emmet versions <= 0.3.4 that can be exploited by administrators.
Mattermost Desktop App versions <=6.1 5.5.13.0 fail to restrict the allow list of domains to which NTLM credentials were forwarded. This allows any user on a server without the image proxy enabled to intercept other users' credentials via embedding an image that routes to an external web server.
Versions of Really Simple SSL up to 9.5.9 have a vulnerability in access control that may allow subscribers unauthorized access to resources.
Missing Authorization in StylemixThemes MasterStudy LMS Pro allows accessing functionality not properly constrained by ACLs. This issue affects MasterStudy LMS Pro versions before 4.7.16.
The WordPress More Fields Plugin version 2.1 contains a cross-site request forgery (CSRF) vulnerability that allows attackers to perform unauthorized actions by disabling CSRF token validation.
The WordPress Plugin Abtest contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the action parameter. Attackers can send GET requests to abtest_admin.php with malicious action values to include files from the admin directory and execute arbitrary code.
The Brandfolder plugin for WordPress version 3.0 and earlier contains a local file inclusion vulnerability in callback.php that allows unauthenticated attackers to include arbitrary files by manipulating the wp_abspath parameter.
WordPress Dharma Booking version 2.28.3 and earlier contains a local file inclusion vulnerability that allows unauthenticated attackers to include arbitrary files by manipulating the gateway parameter. Attackers can supply file paths with directory traversal sequences or null byte injection to the gateway parameter in proccess.php to read sensitive files like configuration and system files.
The WordPress IMDb Profile Widget version 1.0.8 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the url parameter. Attackers can supply directory traversal sequences in GET requests to pic.php to access sensitive files like wp-config.php containing database credentials and configuration data.
The WordPress Plugin Photocart Link version 1.6 contains a local file inclusion vulnerability that allows unauthenticated attackers to read arbitrary files by exploiting insufficient input validation in decode.php.
The WordPress Lazy Content Slider Plugin version 3.4 contains a cross-site request forgery (CSRF) vulnerability that allows attackers to perform unauthorized actions by crafting malicious HTML forms.
The WordPress Booking Calendar Contact Form plugin version 1.0.23 contains privilege escalation and stored cross-site scripting vulnerabilities that allow authenticated users to modify plugin options and inject malicious scripts.
WordPress CP Polls version 1.0.8 contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized actions on behalf of authenticated users. Attackers can craft malicious HTML pages that execute unwanted poll operations when administrators visit the page while logged in.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, does not properly validate the branch code when creating a new branch. This allows an attacker with the appropriate privileges to include path traversal sequences, potentially leading to unintended file storage.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a hard-coded cryptographic key in the SafeSystem.Infrastructure.Security.dll component. An attacker with access to the application files can reverse engineer the DLL and recover the hard-coded cryptographic key.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, exposes web-accessible file paths that are not protected by an authorization scheme. An unauthenticated attacker can directly access HTTP endpoints to download files from locations such as /Resources/CompanyId_[ID]/Audio/ and /SafeData/.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains insufficient server-side file type validation in the /safe/contract/uploadcustomdocuments endpoint. The application accepts uploaded files based on the user-controlled HTTP Content-Type value, allowing authenticated attackers to upload arbitrary file content.
The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an IP restriction bypass vulnerability in the login process. An attacker with valid branch user credentials can manipulate the X-Forwarded-For header to spoof the expected branch IP address and obtain a valid authenticated session from an unauthorized network location.

