CVE Vulnerability Catalog

Translated CVE descriptions from NVD NIST - in English

CISA KEV catalog updated: (v2026.07.10)

CVE-2016-20075
High

The WordPress Ultimate Product Catalog plugin version 3.8.6 contains an arbitrary file upload vulnerability that allows authenticated users with contributor, editor, author, or administrator roles to upload malicious files by exploiting the custom fields functionality.

CVE-2016-20073
High

The Answer My Question 1.3 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' POST parameter. Attackers can submit crafted SQL statements to the modal.php endpoint to extract sensitive database information including WordPress terms and configuration data.

CVE-2016-20072
High

The BBS e-Franchise 1.1.1 plugin for WordPress contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the uid parameter. Attackers can craft requests to pages using the plugin's shortcode with UNION-based SQL injection in the uid parameter to extract sensitive data from the WordPress database including user information and taxonomy terms.

CVE-2016-20071
High

The 404 Redirection Manager plugin version 1.0 for WordPress contains an unauthenticated SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through unsanitized user input.

CVE-2016-20069
High

The WordPress Booking Calendar Contact Form plugin version 1.0.23 contains an unauthenticated blind SQL injection vulnerability in the shortcode function that fails to sanitize the calendar parameter before using it in database queries.

CVE-2016-20068
High

The WordPress Booking Calendar Contact Form plugin version 1.0.23 contains an unauthenticated blind SQL injection vulnerability that allows remote attackers to execute arbitrary SQL queries by injecting malicious code through the 'id' parameter.

CVE-2016-20066
High

WordPress CP Polls version 1.0.8 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts through unsanitized file upload functionality. Attackers can upload files containing script payloads with event handlers, enabling arbitrary JavaScript execution in the browsers of users viewing the affected content.

CVE-2026-34026
High

Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains a path traversal vulnerability in the documentName parameter of the /safe/selfservice/openselfservicedocument endpoint. This allows an authenticated attacker with any role or permission level to traverse out of the intended document directory and download arbitrary files accessible to the application.

CVE-2026-34024
High

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains missing authorization checks on multiple web application endpoints. An authenticated attacker with minimal privileges can access endpoints that are not visible in the frontend but remain directly reachable.

CVE-2026-34023
High

The Wertheim SafeController Software, AssemblyVersion 6.15.8328.28014, contains an incorrect authorization vulnerability in the WebSocket communication used by the SafeController WebMessageBroker. An authenticated attacker with valid low-privileged branch user credentials can manipulate WebSocket messages, allowing access to restricted functions in other branches.

CVE-2026-34022
High

The Wertheim SafeController Family 65000, AssemblyVersion 6.11.8130.22319, uses weak custom cryptographic algorithms with hard-coded cryptographic keys to protect communication. An attacker in a man-in-the-middle position can decrypt the data traffic.

CVE-2026-34021
High

The Wertheim SafeController 5400 (AssemblyVersion 6.11.8130.22320) uses RS-485 communication between the server and the microcontroller without cryptographic protection. An attacker with access to the communication path can sniff and replay RS-485 messages.

CVE-2026-12057
High

The application executing the JavaScript script embedded in the PDF within the sandbox fails to intercept some dangerous interfaces, allowing remote scripts to be loaded and resulting in arbitrary code execution.

CVE-2026-50100
High

Multiple printer drivers provided by Ricoh Company, Ltd. and KONICA MINOLTA JAPAN, INC. contain a privilege escalation vulnerability. If exploited, an attacker who can log in to a computer running an affected printer driver could elevate privileges using a specially crafted driver.

CVE-2026-11860
High

Quick.CMS deserializes user-controlled data sent over unprotected HTTP, allowing attackers to tamper with data and inject malicious objects. Due to insufficient validation, arbitrary code execution can occur on the server.

CVE-2026-12222
High

A vulnerability was found in Yealink SIP-T46U version 108.86.0.118 in the mod_webd.BlueToothTest function in the file /api/inner/bttest of the Web FastCGI Service. Manipulation of the btMac, pin, or reserved arguments can lead to a stack-based buffer overflow. The attack requires local network access and the exploit has been publicly disclosed.

CVE-2026-12221
High

A stack-based buffer overflow vulnerability was found in Yealink SIP-T46U firmware version 108.86.0.118. The issue occurs in the sprintf function within the /api/upgrade/upgrade file when processing uid and start_offset arguments in the Firmware Chunk Upload Handler component. The attack requires local network access and the exploit has been made public.

CVE-2026-12220
High

A stack-based buffer overflow vulnerability has been found in Yealink SIP-T46U firmware version 108.86.0.118. The issue affects the mod_upgrade.SparePartsUpload function in the /api/upgrade/accupgradebychunk file, where manipulation of the uid argument can cause a buffer overflow. The attack requires local network access and exploit details have been publicly disclosed.

CVE-2026-12218
High

A stack-based buffer overflow vulnerability was found in Yealink SIP-T46U version 108.87.50.1. It affects the StartReportInformation function in the /api/inner/beforewifitest file of the Web FastCGI service. Manipulating the port argument causes the overflow.

CVE-2026-12217
High

A vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5, affecting an unknown function in the dvdfabio.sys library of the Signed Kernel Driver component. Manipulation leads to improper privilege management.

PreviousPage 129 of 3344Next

Vulnerability data from NVD (NIST) · CISA KEV · EPSS