4929316 matches found
CVE-2026-16229 itsourcecode Courier Management System index.php cross site scripting
A flaw has been found in itsourcecode Courier Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. Executing a manipulation of the argument page can lead to cross site scripting. It is possible to launch the attack remotely. The exploit h...
CVE-2026-16229 itsourcecode Courier Management System index.php cross site scripting
A flaw has been found in itsourcecode Courier Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. Executing a manipulation of the argument page can lead to cross site scripting. It is possible to launch the attack remotely. The exploit h...
CVE-2026-16228 SourceCodester Class and Exam Timetabling System edit_schoolyr.php sql injection
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /editschoolyr.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and...
CVE-2026-16228 SourceCodester Class and Exam Timetabling System edit_schoolyr.php sql injection
A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /editschoolyr.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and...
CVE-2026-53369
In the Linux kernel, the following vulnerability has been resolved: udf: reject descriptors with oversized CRC length udfreadtagged skips CRC verification when descCRCLength + sizeofstruct tag exceeds the block size. A crafted UDF image can set descCRCLength to an oversized value to bypass CRC...
CVE-2026-53371
In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: bound nodedesc sysfs read with %.64s nodedesc64 in struct ibdevice is not guaranteed to be NUL- terminated. The core IB sysfs handler uses "%.64s" for exactly this reason drivers/infiniband/core/sysfs.c:1307, since...
CVE-2026-53370
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Improve validation and configuration of ACR masks Currently there are several issues on the user space ACR mask validation and configuration. - The validation for user space ACR mask attr.config2 is incomplete,...
CVE-2026-53372
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Block PASID attachment to nested domain with dirty tracking Kernel lacks dirty tracking support on nested domain attached to PASID, fails the attachment early if nesting parent domain is dirty tracking configured,...
CVE-2026-53368
In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by incorrect natentry flag usage f2fsneeddentrymark reads natentry flags without mutual exclusion with the checkpoint path, which can result in an incorrect inode block marking state. The...
CVE-2026-16225
A security flaw has been discovered in davenardella snap7 up to 1.4.3. The impacted element is the function TSnap7Peer::NegotiatePDULength of the file src/core/s7peer.cpp. The manipulation of the argument PDULength results in out-of-bounds write. The attack can be executed remotely. The exploit h...
CVE-2026-16224
A vulnerability was identified in jxxghp MoviePilot up to 2.13.5. The affected element is an unknown function of the file /jxxghp/MoviePilot of the component Application API. The manipulation leads to improper authorization. Remote exploitation of the attack is possible. The identifier of the pat...
CVE-2026-53367
In the Linux kernel, the following vulnerability has been resolved: selinux: fix avdcache auditing The per-task avdcache was incorrectly saving and reusing the audited vector computed by avcauditrequired rather than recomputing based on the currently requested permissions and distinguishing the...
CVE-2026-16226
A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function savesettings of the file /admin/adminclassnovo.php. This manipulation of the argument img causes unrestricted upload. The attack is possible to be carried out remotely...
CVE-2026-16227 SourceCodester Class and Exam Timetabling System edit_subject.php sql injection
A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /editsubject.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2026-16227 SourceCodester Class and Exam Timetabling System edit_subject.php sql injection
A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /editsubject.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
CVE-2026-53372 iommu/vt-d: Block PASID attachment to nested domain with dirty tracking
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Block PASID attachment to nested domain with dirty tracking Kernel lacks dirty tracking support on nested domain attached to PASID, fails the attachment early if nesting parent domain is dirty tracking configured,...
CVE-2026-53372
In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Block PASID attachment to nested domain with dirty tracking Kernel lacks dirty tracking support on nested domain attached to PASID, fails the attachment early if nesting parent domain is dirty tracking configured,...
CVE-2026-53371 RDMA/ionic: bound node_desc sysfs read with %.64s
In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: bound nodedesc sysfs read with %.64s nodedesc64 in struct ibdevice is not guaranteed to be NUL- terminated. The core IB sysfs handler uses "%.64s" for exactly this reason drivers/infiniband/core/sysfs.c:1307, since...
CVE-2026-53371
In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: bound nodedesc sysfs read with %.64s nodedesc64 in struct ibdevice is not guaranteed to be NUL- terminated. The core IB sysfs handler uses "%.64s" for exactly this reason drivers/infiniband/core/sysfs.c:1307, since...
CVE-2026-53370
In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Improve validation and configuration of ACR masks Currently there are several issues on the user space ACR mask validation and configuration. - The validation for user space ACR mask attr.config2 is incomplete,...