659 matches found
CVE-2026-26892
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...
EUVD-2026-9309
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /managecarrier.php...
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
CVE-2026-26891
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
SourceCodester Logistic Hub Parcel Management System 安全漏洞
SourceCodester Logistic Hub Parcel Management System is a simple web-based open-source application project developed by SourceCodester. Its main purpose is to provide a automated platform for logistics centers to manage and track parcel records. Version 1.0 of the SourceCodester Logistic Hub Parc...
CVE-2026-26892
CVE-2026-26892 affects Sourcecodester Logistics Hub Parcel’s Management System v1.0, with SQL Injection in /manage_carrier.php. Documents confirm a network-accessible vulnerability impacting confidentiality, integrity, and availability (CVSSv3.1: C/H, I/H, A/H; AV:N/AC:L/PR:H/UI:N/S:U). No remedi...
PT-2026-22788
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manage parcel type.php...
EUVD-2026-9308
Sourcecodester Logistic Hub Parcel's Management System v1.0 is vulnerable to SQL Injection in /manageparceltype.php...
SourceCodester Logistic Hub Parcel Management System 安全漏洞
SourceCodester Logistic Hub Parcel Management System is a simple web-based open-source application project developed by SourceCodester. Its main purpose is to provide a automated platform for logistics centers to manage and track package records. Version 1.0 of the SourceCodester Logistic Hub...
CVE-2026-26891
CVE-2026-26891 affects Sourcecodester Logistic Hub Parcel's Management System v1.0 and is caused by a SQL Injection vulnerability in the endpoint /manage_parcel_type.php. The connected records consistently describe the same issue across multiple feeds (NVD, Red Hat, CVE List, EUVD, etc.). The vul...
CVE-2026-0007
In writeToParcel of WindowInfo.cpp, there is a possible way to trick a user into accepting a permission due to a tapjacking/overlay attack. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...
CVE-2026-0007
Consolidated sources describe CVE-2026-0007 as a vulnerability in WindowInfo.cpp, writeToParcel, enabling a tapjacking/overlay attack that could grant permissions and allow local elevation of privilege without additional execution privileges. Exploitation details are not provided in the Initial d...
ASB-A-433251166
Bulletin has no description...
GHSA-83FC-FQCC-2HMG React Server Components have multiple Denial of Service Vulnerabilities
Impact It was found that the fixes to address DoS in React Server Components were incomplete and we found multiple denial of service vulnerabilities still exist in React Server Components. We recommend updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1, 19.0.2, 19.0.3,...
EUVD-2026-4673
React Server Components have multiple Denial of Service Vulnerabilities...
React Server Components have multiple Denial of Service Vulnerabilities
Impact It was found that the fixes to address DoS in React Server Components were incomplete and we found multiple denial of service vulnerabilities still exist in React Server Components. We recommend updating immediately. The vulnerability exists in versions 19.0.0, 19.0.1, 19.0.2, 19.0.3,...
K000159700: React framework vulnerability CVE-2026-23864
Security Advisory Description Multiple denial of service vulnerabilities exist in React Server Components, affecting the following packages: react-server-dom-parcel, react-server-dom-turbopack, react-server-dom-webpack. The vulnerabilities are triggered by sending specially crafted HTTP requests ...
Allocation of Resources Without Limits or Throttling
Overview react-server-dom-parcel is a React Server Components bindings for DOM using Parcel. This is intended to be integrated into meta-frameworks. It is not intended to be imported directly. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling...
CVE-2026-23864
CVE-2026-23864 affects React Server Components packages: react-server-dom-parcel, react-server-dom-turbopack, and react-server-dom-webpack. The connected advisories describe a denial-of-service condition triggered by specially crafted HTTP requests to Server Function endpoints, potentially causin...