Lucene search
K

309 matches found

NVD
NVD
added 2 days ago6 views

CVE-2026-15520

A vulnerability was determined in GNU LibreDWG 0.13.4-154-g0b573035. This impacts the function decompressR2004section of the file src/decode.c of the component R2004 Section Decompression. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The explo...

5.3CVSS0.00136EPSS
Exploits0References10
EUVD
EUVD
added 3 days ago8 views

EUVD-2026-43201

A vulnerability was found in H3C NX15 V100R017. Affected by this vulnerability is the function changepasswd of the file /api/login/modify of the component Administrator Password Modification Endpoint. The manipulation of the argument newPass results in weak password recovery. The attack may be...

7.5CVSS5.8AI score0.00278EPSS
Exploits0References5
CVE
CVE
added 4 days ago12 views

CVE-2026-15470

Technical details (affected product, versions, root cause, exploit specifics) are not publicly provided in the supplied documents. Monitor for updates.

5.3CVSS5.7AI score0.00207EPSS
Exploits0References5
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42590

A vulnerability was determined in GPAC 26.03-DEV. This affects the function vobsubreadidx of the file /src/mediatools/vobsub.c of the component MP4Box. Executing a manipulation of the argument numlangs can lead to out-of-bounds read. The attack needs to be launched locally. The exploit has been...

4.8CVSS5.4AI score0.00112EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/04 12:0 a.m.17 views

PT-2026-55724

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit course.php endpoint where manipulation of the ID variable allows for remote SQL injection. SQL injection is a technique where malicious SQL...

7.5CVSS7.1AI score0.00416EPSS
Exploits0References11
EUVD
EUVD
added 2026/06/28 12:45 p.m.9 views

EUVD-2026-39995

A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.12 views

CVE-2026-11512

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

5.3CVSS3.8AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 a.m.14 views

CVE-2026-11490

A vulnerability was determined in code-projects Online Music Site 1.0. This issue affects some unknown processing of the file /Frontend/Search.php. This manipulation of the argument Category causes sql injection. It is possible to initiate the attack remotely. The exploit has been publicly...

7.5CVSS7AI score0.0029EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/06/08 6:30 a.m.6 views

CVE-2026-11497

A vulnerability has been found in D-Link DCS-5615 1.01.00. Affected by this vulnerability is an unknown functionality of the file /etc/conf.d/boa/boa.conf of the component Boa Webserver. Such manipulation leads to least privilege violation. The attack can be executed remotely. The exploit has bee...

6.9CVSS5.4AI score0.00432EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/08 1:30 a.m.12 views

CVE-2026-11476

A security vulnerability has been detected in Kushan2k student-management-system up to f16a4ceaddd6729c4b306ed4641cda3176c1ef2a. Affected by this issue is the function edit-admin of the file controllers/AdminController.php of the component Profile Update Endpoint. The manipulation of the argument...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.20 views

PT-2026-47291

Name of the Vulnerable Software and Affected Versions UTT HiPER 2610G versions prior to 3.0.0-171107 Description A remote buffer overflow can occur due to the use of the strcpy function within the /goform/formConfigDnsFilterGlobal file. This issue is triggered by manipulating the GroupName...

9CVSS8AI score0.006EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/06 9:15 a.m.13 views

EUVD-2026-34963

A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow. This manipulation causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5CVSS6.2AI score0.0123EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/03 12:30 a.m.9 views

CVE-2026-10703 EIPStackGroup OpENer SendRRData cipmessagerouter.c CreateMessageRouterRequestStructure use after free

A security vulnerability has been detected in EIPStackGroup OpENer up to 2.3.0. Affected is the function CreateMessageRouterRequestStructure of the file cipmessagerouter.c of the component SendRRData Handler. The manipulation leads to use after free. Remote exploitation of the attack is possible...

6.5CVSS6.1AI score0.00243EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/01 3:30 a.m.9 views

CVE-2026-10220

A vulnerability was determined in NousResearch hermes-agent up to 2026.4.30. Affected is the function servepluginskill/skillview of the file tools/skillstool.py. Executing a manipulation can lead to injection. The attack may be performed from remote. The exploit has been publicly disclosed and ma...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/06/01 3:30 a.m.51 views

CVE-2026-10220

CVE-2026-10220 affects NousResearch hermes-agent up to version 2026.4.30. The vulnerability targets the function _serve_plugin_skill/skill_view in tools/skills_tool.py, where a manipulation can cause injection. It is described as a remote-access issue with a publicly disclosed exploit (PoC). The ...

7.5CVSS6.8AI score0.00304EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/01 3:0 a.m.11 views

EUVD-2026-33539

A vulnerability has been found in nextlevelbuilder GoClaw up to 3.11.3. This affects the function auth of the file internal/http/evolutionhandlers.go. Such manipulation leads to improper authorization. The attack can be executed remotely. The exploit has been disclosed to the public and may be...

5.5CVSS5.6AI score0.0023EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/05/29 1:45 p.m.14 views

CVE-2026-10062 TRENDnet TEW-432BRP formSetRoute stack-based overflow

A vulnerability was determined in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSetRoute of the file /goform/formSetRoute. This manipulation of the argument ip/mask/gateway causes stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS7.8AI score0.00835EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/05/25 10:0 a.m.39 views

CVE-2026-9448 code-projects Employee Management System applyleave.php cross site scripting

A vulnerability was determined in code-projects Employee Management System 1.0. This affects an unknown function of the file /applyleave.php. Executing a manipulation of the argument ID can lead to cross site scripting. The attack may be performed from remote. The exploit has been publicly...

5.3CVSS0.00336EPSS
Exploits0References5
CVE
CVE
added 2026/05/24 9:45 a.m.28 views

CVE-2026-9371

CVE-2026-9371 affects ItzCrazyKns Vane up to 1.12.1, specifically the API route.ts functionality where a missing authentication check exists. The vulnerability arises from missing authentication in that component, enabling remote manipulation. The issue is described as having a high attack comple...

6.3CVSS5.2AI score0.00437EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/24 12:0 a.m.17 views

PT-2026-42920

A security vulnerability has been detected in Edimax EW-7438RPn 1.12. This vulnerability affects the function formConnectionSetting of the file /goform/formConnectionSetting of the component Setting Handler. Such manipulation of the argument max Conn/timeOut leads to command injection. The attack...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References4
Rows per page
Query Builder