Aggregator
2026-05-31: Seven days of scans and probes and web traffic hitting my web server
1 week 5 days hence
CVE-2026-57698 | Villame Abandoned Cart Recovery for WooCommerce Plugin up to 1.1.12 on WordPress improper authentication
42 minutes 7 seconds ago
A vulnerability was found in Villame Abandoned Cart Recovery for WooCommerce Plugin up to 1.1.12 on WordPress. It has been declared as problematic. Affected is an unknown function. Executing a manipulation can lead to improper authentication.
This vulnerability is tracked as CVE-2026-57698. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2020-37134 | UltraVNC Viewer 1.2.4.0 allocation of resources (Exploit 48291 / EUVD-2020-31034)
42 minutes 11 seconds ago
A vulnerability, which was classified as problematic, has been found in UltraVNC Viewer 1.2.4.0. The impacted element is an unknown function. This manipulation causes allocation of resources.
This vulnerability is tracked as CVE-2020-37134. The attack is possible to be carried out remotely. Moreover, an exploit is present.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2025-35979 | Intel Processor information disclosure (intel-sa-01420)
43 minutes 27 seconds ago
A vulnerability classified as problematic has been found in Intel Processor. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure.
This vulnerability is traded as CVE-2025-35979. An attack has to be approached locally. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2026-3787 | UltraVNC 1.6.4.0 on Windows Windows Service cryptbase.dll uncontrolled search path (EUVD-2026-10277)
43 minutes 30 seconds ago
A vulnerability was found in UltraVNC 1.6.4.0 on Windows. It has been classified as problematic. This affects an unknown function in the library cryptbase.dll of the component Windows Service. This manipulation causes uncontrolled search path.
This vulnerability appears as CVE-2026-3787. The attack requires local access. In addition, an exploit is available.
Upgrading the affected component is recommended.
The vendor was contacted early about this disclosure but did not respond in any way.
vuldb.com
CVE-2019-10208 | PostgreSQL Execute Permission sql injection (Nessus ID 213339)
43 minutes 34 seconds ago
A vulnerability described as critical has been identified in PostgreSQL. Affected by this vulnerability is an unknown functionality of the component Execute Permission Handler. The manipulation results in sql injection.
This vulnerability was named CVE-2019-10208. The attack may be performed from remote. There is no available exploit.
Upgrading the affected component is recommended.
vuldb.com
CVE-2023-24055 | KeePass up to 2.53 XML Configuration File missing encryption
44 minutes 9 seconds ago
A vulnerability marked as problematic has been reported in KeePass up to 2.53. This affects an unknown function of the component XML Configuration File Handler. This manipulation causes missing encryption of sensitive data.
The identification of this vulnerability is CVE-2023-24055. The attack needs to be done within the local network. There is no exploit available.
There are still doubts about whether this vulnerability truly exists.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-59089 | GIMP TIM Loader integer overflow
44 minutes 16 seconds ago
A vulnerability categorized as problematic has been discovered in GIMP. This affects an unknown part of the component TIM Loader. Executing a manipulation can lead to integer overflow.
This vulnerability is registered as CVE-2026-59089. It is possible to launch the attack remotely. No exploit is available.
It is advisable to upgrade the affected component.
vuldb.com
CVE-2026-57791 | meMove Brook Plugin up to 2.9.0 on WordPress Include/Require Statement include filename file inclusion
1 hour ago
A vulnerability, which was classified as critical, has been found in meMove Brook Plugin up to 2.9.0 on WordPress. This affects the function include of the component Include/Require Statement. Performing a manipulation of the argument filename results in file inclusion.
This vulnerability was named CVE-2026-57791. The attack may be initiated remotely. There is no available exploit.
vuldb.com
CVE-2026-57790 | meMove Billey Plugin up to 2.1.8 on WordPress Include/Require Statement include/require filename file inclusion
1 hour ago
A vulnerability classified as critical was found in meMove Billey Plugin up to 2.1.8 on WordPress. Affected by this issue is the function include/require of the component Include/Require Statement. Such manipulation of the argument filename leads to file inclusion.
This vulnerability is uniquely identified as CVE-2026-57790. The attack can be launched remotely. No exploit exists.
vuldb.com
CVE-2026-57789 | jwsthemes Aqua Plugin up to 5.1.2 on WordPress Include/Require Statement filename file inclusion
1 hour ago
A vulnerability classified as critical has been found in jwsthemes Aqua Plugin up to 5.1.2 on WordPress. Affected by this vulnerability is an unknown functionality of the component Include/Require Statement. This manipulation of the argument filename causes file inclusion.
This vulnerability is handled as CVE-2026-57789. The attack can be initiated remotely. There is not any exploit available.
vuldb.com
CVE-2026-57788 | Edge-mes Aalto Plugin up to 1.8 on WordPress Include/Require Statement filename file inclusion
1 hour ago
A vulnerability described as critical has been identified in Edge-mes Aalto Plugin up to 1.8 on WordPress. Affected is an unknown function of the component Include/Require Statement. The manipulation of the argument filename results in file inclusion.
This vulnerability is known as CVE-2026-57788. It is possible to launch the attack remotely. No exploit is available.
vuldb.com
CVE-2026-57743 | stmcan RT-Theme 18 Plugin up to 2.5 on WordPress Include/Require include filename file inclusion
1 hour ago
A vulnerability marked as critical has been reported in stmcan RT-Theme 18 Plugin up to 2.5 on WordPress. This impacts the function include of the component Include/Require. The manipulation of the argument filename leads to file inclusion.
This vulnerability is traded as CVE-2026-57743. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2024-38797 | TianoCore EDK2 up to edk2-stable202408 HashPeImageByType out-of-bounds (GHSA-4wjw-6xmf-44xf / Nessus ID 234205)
1 hour 12 minutes ago
A vulnerability classified as problematic was found in TianoCore EDK2 up to edk2-stable202408. This vulnerability affects the function HashPeImageByType. The manipulation results in out-of-bounds read.
This vulnerability is reported as CVE-2024-38797. The attacker must have access to the local network to execute the attack. No exploit exists.
Upgrading the affected component is advised.
vuldb.com
CVE-2026-40215 | OpenVPN up to 2.6.19/2.7.1 TLS Session Promotion out-of-bounds (Nessus ID 323101)
1 hour 12 minutes ago
A vulnerability marked as problematic has been reported in OpenVPN up to 2.6.19/2.7.1. Affected by this vulnerability is an unknown functionality of the component TLS Session Promotion. Performing a manipulation results in out-of-bounds read.
This vulnerability was named CVE-2026-40215. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.
vuldb.com
CVE-2026-35058 | OpenVPN up to 2.6.19/2.7.1 Packet Length assertion (EUVD-2026-35197 / Nessus ID 323101)
1 hour 12 minutes ago
A vulnerability was found in OpenVPN up to 2.6.19/2.7.1. It has been classified as problematic. Impacted is an unknown function of the component Packet Length Handler. Performing a manipulation results in reachable assertion.
This vulnerability is reported as CVE-2026-35058. The attack is possible to be carried out remotely. No exploit exists.
Upgrading the affected component is recommended.
vuldb.com
CVE-2019-5676 | NVIDIA Windows GPU Display Driver DLL Loader untrusted search path
1 hour 36 minutes ago
A vulnerability has been found in NVIDIA Windows GPU Display Driver and classified as critical. Affected by this vulnerability is an unknown functionality of the component DLL Loader. The manipulation leads to untrusted search path.
This vulnerability is referenced as CVE-2019-5676. The attack can only be performed from a local environment. No exploit is available.
The affected component should be upgraded.
vuldb.com
CVE-2022-34385 | Dell SupportAssist for Home PCs information disclosure
1 hour 36 minutes ago
A vulnerability described as problematic has been identified in Dell SupportAssist for Home PCs and SupportAssist for Business PCs. This affects an unknown part. The manipulation results in information disclosure.
This vulnerability is identified as CVE-2022-34385. The attack can be executed remotely. There is not any exploit available.
Upgrading the affected component is recommended.
vuldb.com
CVE-2026-4769 | WAGO System IO Field Diagnostic improper authentication
1 hour 36 minutes ago
A vulnerability has been found in WAGO System IO Field and classified as very critical. This vulnerability affects unknown code of the component Diagnostic. Performing a manipulation results in improper authentication.
This vulnerability is cataloged as CVE-2026-4769. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com