
Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Threat Entry Updated 2026-01-16

CVE-2025-12166 - Simply Schedule Appointments Booking Plugin

The Appointment Booking Calendar — Simply Schedule Appointments Booking Plugin plugin for WordPress is vulnerable to blind SQL Injection via the `order` and `append_where_sql` parameters in all versions up to, and including, 1.6.9.9 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.

PLUGIN Simply Schedule Appointments Booking

CVE-2025-12166

HIGH CVSS 7.5 2026-01-14
Threat Entry Updated 2026-01-16

CVE-2026-0601 - Nexus Repository Plugin

A reflected cross-site scripting vulnerability exists in Nexus Repository 3 that allows unauthenticated attackers to execute arbitrary JavaScript in a victim's browser through a specially crafted request requiring user interaction.

PLUGIN Nexus Repository

CVE-2026-0601

MEDIUM CVSS 5.1 2026-01-14
Threat Entry Updated 2026-02-03

CVE-2026-23512 - Sumatrapdf Plugin

SumatraPDF is a multi-format reader for Windows. In 3.5.2 and earlier, there is an Untrusted Search Path vulnerability that is triggered through the Advanced Options setting. The application executes notepad.exe without specifying an absolute path when the Advanced Options setting is used. On Windows, this allows execution of a malicious notepad.exe placed in the application's installation directory, leading to arbitrary code execution.

PLUGIN Sumatrapdf

CVE-2026-23512

HIGH CVSS 8.6 2026-01-14
Threat Entry Updated 2026-02-03

CVE-2026-0861 - Glibc Plugin

Passing too large an alignment to the memalign suite of functions (memalign, posix_memalign, aligned_alloc) in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in heap corruption. Note that the attacker must have control over both the size and the alignment arguments of the memalign function to be able to exploit this. The size parameter must be close enough to PTRDIFF_MAX so as to overflow size_t along with the large alignment argument. This limits the malicious inputs for…

PLUGIN Glibc

CVE-2026-0861

HIGH CVSS 8.4 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-23492 - Pimcore Plugin

Pimcore is an Open Source Data & Experience Management Platform. Prior to 12.3.1 and 11.5.14, an incomplete SQL injection patch in the Admin Search Find API allows an authenticated attacker to perform blind SQL injection. Although CVE-2023-30848 attempted to mitigate SQL injection by removing SQL comments (--) and catching syntax errors, the fix is insufficient. Attackers can still inject SQL payloads that do not rely on comments and infer database information via blind techniques. This vulnerability affects the admin interface and can lead to database information disclosure. This vulnerability is…

PLUGIN Pimcore

CVE-2026-23492

HIGH CVSS 8.8 2026-01-14
Threat Entry Updated 2026-01-28

CVE-2026-23498 - Shopware Plugin

Shopware is an open commerce platform. From 6.7.0.0 to before 6.7.6.1, a regression of CVE-2023-2017 leads to arrays and array-crafted PHP Closures not being checked against the allow list for the map(...) override. This vulnerability is fixed in 6.7.6.1.

PLUGIN Shopware

CVE-2026-23498

HIGH CVSS 7.2 2026-01-14
Threat Entry Updated 2026-01-16

CVE-2026-23497 - Lms Plugin

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages.

PLUGIN Lms

CVE-2026-23497

LOW CVSS 1.3 2026-01-14
Threat Entry Updated 2026-01-26

CVE-2026-23477 - Rocket.Chat Plugin

Rocket.Chat is an open-source, secure, fully customizable communications platform. In Rocket.Chat versions up to 6.12.0, the API endpoint GET /api/v1/oauth-apps.get is exposed to any authenticated user, regardless of their role or permissions. This endpoint returns an OAuth application, as long as the user knows its ID, including potentially sensitive fields such as client_id and client_secret. This vulnerability is fixed in 6.12.0.

PLUGIN Rocket.Chat

CVE-2026-23477

HIGH CVSS 7.7 2026-01-14
Threat Entry Updated 2026-01-22

CVE-2026-22036 - Undici Plugin

Undici is an HTTP/1.1 client for Node.js. Prior to 7.18.0 and 6.23.0, the number of links in the decompression chain is unbounded, and the default maxHeaderSize allows a malicious server to insert thousands of compression steps, leading to high CPU usage and excessive memory allocation. This vulnerability is fixed in 7.18.0 and 6.23.0.

PLUGIN Undici

CVE-2026-22036

MEDIUM CVSS 5.9 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-22857 - FreeRDP Plugin

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irp_thread_func because the IRP is freed by irp->Complete() and then accessed again on the error path. This vulnerability is fixed in 3.20.1.

PLUGIN FreeRDP

CVE-2026-22857

MEDIUM CVSS 6.8 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-22856 - FreeRDP Plugin

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use-after-free when one thread removes an entry from serial->IrpThreads while another reads it. This vulnerability is fixed in 3.20.1.

PLUGIN FreeRDP

CVE-2026-22856

MEDIUM CVSS 6.8 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-22859 - FreeRDP Plugin

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server-supplied MSUSB_INTERFACE_DESCRIPTOR values and uses them as indices in libusb_udev_complete_msconfig_setup, causing an out-of-bounds read. This vulnerability is fixed in 3.20.1.

PLUGIN FreeRDP

CVE-2026-22859

MEDIUM CVSS 5.6 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-22858 - FreeRDP Plugin

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c

PLUGIN FreeRDP

CVE-2026-22858

MEDIUM CVSS 5.6 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-22855 - FreeRDP Plugin

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1.

PLUGIN FreeRDP

CVE-2026-22855

MEDIUM CVSS 5.6 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-22851 - FreeRDP Plugin

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl->primary (SDL_Surface) is accessed after it has been freed during RDPGFX ResetGraphics handling. This vulnerability is fixed in 3.20.1.

PLUGIN FreeRDP

CVE-2026-22851

MEDIUM CVSS 6.9 2026-01-14
Threat Entry Updated 2026-01-20

CVE-2026-22854 - FreeRDP Plugin

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap memory. This vulnerability is fixed in 3.20.1.

PLUGIN FreeRDP

CVE-2026-22854

MEDIUM CVSS 6.8 2026-01-14