Vuldb Updates

A vulnerability was found in SonicWall SMA1000. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the component Tunnel TOTP Authentication. This manipulation causes improper handling of unicode encoding. This vulnerability is tracked as CVE-2026-4116. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in SonicWall SMA1000. It has been declared as critical. Affected is an unknown function of the component AMC TOTP Authentication. The manipulation results in improper handling of unicode encoding. This vulnerability is identified as CVE-2026-4114. The attack can be executed remotely. There is not any exploit available.

A vulnerability classified as problematic has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /delmemberinfo.php. Performing a manipulation of the argument userid results in cross site scripting. This vulnerability is identified as CVE-2026-5825. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability classified as problematic was found in code-projects Simple IT Discussion Forum 1.0. This issue affects some unknown processing of the file /edit-category.php. Executing a manipulation of the argument Category can lead to cross site scripting. This vulnerability is tracked as CVE-2026-5826. The attack can be launched remotely. Moreover, an exploit is present.

A vulnerability marked as problematic has been reported in Your Journey Plugin up to 1.9.8 on WordPress. The impacted element is an unknown function. This manipulation causes cross site scripting. This vulnerability is handled as CVE-2023-3933. The attack can be initiated remotely. There is not any exploit available.

A vulnerability described as problematic has been identified in Winters Plugin up to 1.4.3 on WordPress. This affects an unknown function. Such manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2023-3962. The attack can be launched remotely. No exploit exists.

A vulnerability classified as problematic has been found in nsc Plugin up to 1.0 on WordPress. This impacts an unknown function. Performing a manipulation results in cross site scripting. This vulnerability was named CVE-2023-3965. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as problematic has been found in Social Media Share Buttons & Social Sharing Icons Plugin up to 2.8.5 on WordPress. Impacted is an unknown function. This manipulation causes cross-site request forgery. The identification of this vulnerability is CVE-2023-5602. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability classified as problematic has been found in Skype Legacy Buttons Plugin up to 3.1 on WordPress. This affects an unknown function of the component Shortcode Handler. This manipulation causes cross site scripting. This vulnerability is tracked as CVE-2023-5615. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability classified as problematic has been found in Modern Footnotes Plugin up to 1.4.16 on WordPress. This affects an unknown part of the component Shortcode Handler. This manipulation causes cross site scripting. This vulnerability is registered as CVE-2023-5618. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability classified as problematic has been found in Soisy Pagamento Rateale Plugin up to 6.0.1 on WordPress. This affects an unknown function. The manipulation leads to missing authorization. This vulnerability is listed as CVE-2023-5132. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in SALESmanago Plugin up to 3.2.4 on WordPress. It has been classified as critical. The affected element is an unknown function. This manipulation causes improper output neutralization for logs. This vulnerability appears as CVE-2023-4939. The attacker needs to be present on the local network. There is no available exploit.

A vulnerability was found in Add Custom Body Class Plugin up to 1.4.1 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2023-5205. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in EventON Plugin up to 2.2.2 on WordPress. It has been declared as problematic. Impacted is an unknown function. Such manipulation leads to cross site scripting. This vulnerability is documented as CVE-2023-4635. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Advanced Menu Widget Plugin up to 0.4.1 on WordPress. It has been declared as problematic. This issue affects some unknown processing of the component Shortcode Handler. Executing a manipulation can lead to cross site scripting. The identification of this vulnerability is CVE-2023-5085. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in SonicWall SMA1000. It has been classified as problematic. This impacts an unknown function of the component SSL VPN. The manipulation leads to observable response discrepancy. This vulnerability is referenced as CVE-2026-4113. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability labeled as critical has been found in SonicWall SMA1000 up to 12.4.3-03245/12.5.0-02283. Affected by this vulnerability is an unknown functionality. Such manipulation leads to sql injection. This vulnerability is documented as CVE-2026-4112. The attack can be executed remotely. There is not any exploit available.

A vulnerability was found in Apache ActiveMQ Client, ActiveMQ Broker and ActiveMQ and classified as critical. The impacted element is an unknown function. Such manipulation leads to path traversal. This vulnerability is traded as CVE-2026-33227. The attack may be launched remotely. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability classified as critical was found in Elastic Logstash up to 8.19.13. Affected is an unknown function of the component Archive Handler. Such manipulation leads to path traversal. This vulnerability is referenced as CVE-2026-33466. It is possible to launch the attack remotely. No exploit is available.

A vulnerability has been found in vim up to 8.1 and classified as critical. This vulnerability affects unknown code. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2022-1771. The attack is possible to be carried out remotely. No exploit exists. The affected component should be upgraded.