911 matches found
EUVD-2026-45167
A vulnerability was found in code-projects Hospital Bed Management System 1.0. This affects an unknown part of the component Login Form. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and...
CVE-2026-15718
CVE-2026-15718 concerns an invalid pointer in Firefox’s JavaScript: WebAssembly component. Affected software: Mozilla Firefox. Root cause (as stated by the CVE entry title): an invalid pointer within the WebAssembly interaction layer of the JavaScript engine. Impact details are not elaborated bey...
CVE-2026-15528
CVE-2026-15528 affects lamaalrajih/kicad-mcp up to 3.3.1. The vulnerability is in kicad_mcp/utils/path_validator.py where manipulating the arguments project_path or schematic_path causes a protection mechanism failure. Local exploitation is required, and the exploit has been made public. The proj...
PT-2026-57615
Name of the Vulnerable Software and Affected Versions lamaalrajih kicad-mcp versions prior to 3.3.2 Description A failure in the protection mechanism occurs during the processing of the file kicad mcp/utils/path validator.py. This issue can be triggered by manipulating the project path or schemat...
PT-2026-57524
Name of the Vulnerable Software and Affected Versions H3C NX15 version V100R017 Description A flaw exists in the Administrator Password Modification Endpoint within the change passwd function of the '/api/login/modify' endpoint. Remote manipulation of the newPass argument can lead to weak passwor...
PT-2026-57574
Name of the Vulnerable Software and Affected Versions coollabsio Coolify versions prior to 4.1.2 Description A flaw in the Policy Handler component, specifically within a function in the /app/Policies/ file, allows for missing authorization. This issue enables remote exploitation through...
EUVD-2026-42809
A security flaw has been discovered in zhayujie CowAgent up to 2.1.0. The impacted element is an unknown function of the file channel/channel.py of the component Message Endpoint. The manipulation results in missing authorization. The attack may be launched remotely. The exploit has been released...
CVE-2026-15320
A vulnerability was detected in Sipeed PicoClaw up to 0.2.9. This vulnerability affects the function rt.ReloadConfig of the file pkg/channels/pico/pico.go. Performing a manipulation of the argument message.send results in missing authorization. It is possible to initiate the attack remotely. The...
CVE-2026-15270 D-link DIR-823G Web boa.conf least privilege violation
A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...
EUVD-2026-42632
A security flaw has been discovered in Open5GS 2.7.7. This affects the function amfcontextfinal of the file src/amf/context.c of the component AMF. Performing a manipulation results in use after free. The attack is only possible with local access. The exploit has been released to the public and m...
EUVD-2026-42615
A vulnerability was detected in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown part of the file /login.php. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and m...
EUVD-2026-41815
A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The...
EUVD-2026-41786
A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...
EUVD-2026-41734
A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried o...
EUVD-2026-41731
A vulnerability was detected in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /patientlogin.php. Performing a manipulation of the argument loginid results in sql injection. Remote exploitation of the attack is possible. The exploit is now...
EUVD-2026-41720
A vulnerability was detected in code-projects Internship Management System 1.0. This affects an unknown function of the file employer/details/changepassword.php of the component Password Change Endpoint. The manipulation of the argument Current results in sql injection. The attack can be executed...
CVE-2026-14692 SourceCodester Multi-Vendor Online Grocery Management System POST Parameter Master.php save_shop_type sql injection
A vulnerability was detected in SourceCodester Multi-Vendor Online Grocery Management System 1.0/5.7.26. Affected is the function saveshoptype of the file classes/Master.php of the component POST Parameter Handler. Performing a manipulation results in sql injection. The attack is possible to be...
DEBIAN-CVE-2026-14686
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...
CVE-2026-14686 HdrHistogram Range Check DoubleHistogram.java org.HdrHistogram.DoubleHistogram.recordValue comparison
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...
CVE-2026-14686
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...