14361 matches found
EUVD-2026-41711
A security flaw has been discovered in CodeAstro Apartment Visitor Management System 1.0. The impacted element is an unknown function of the file /apartment-visitor/add-apartment.php. The manipulation of the argument apartmentno results in sql injection. The attack may be launched remotely. The...
EUVD-2026-41712
A weakness has been identified in SourceCodester Multi-Vendor Online Grocery Management System 1.0. This affects the function saveusers of the file classes/Users.php. This manipulation causes improper authorization. Remote exploitation of the attack is possible. The exploit has been made availabl...
EUVD-2026-41708
A vulnerability was found in HdrHistogram up to 2.2.2. This issue affects the function org.HdrHistogram.DoubleHistogram.recordValue of the file src/main/java/org/HdrHistogram/DoubleHistogram.java of the component Range Check. Performing a manipulation results in incorrect comparison. The attack i...
CVE-2026-14698
A security flaw has been discovered in SourceCodester Syllabus-Aligned Learning Management and Examination System 1.0. Impacted is an unknown function of the file uploadfiles.php. Performing a manipulation results in unrestricted upload. The attack may be initiated remotely. The exploit has been...
CVE-2026-14686
Technical details about this CVE are not publicly available in the provided documents. Monitor for updates.
CVE-2026-14683
CVE-2026-14683 affects HdrHistogram up to 2.2.2. The vulnerability is in org.HdrHistogram.AbstractHistogram.decodeFromCompressedByteBuffer, where manipulating lengthOfCompressedContents can trigger uncontrolled memory allocation. Exploitation is local, and a public exploit exists. The issue was r...
CVE-2026-14655
CVE-2026-14655 affects code-projects Assessment Management 1.0. The vulnerability is in an unknown functionality of the file admin/view-users.php, where manipulating the argument User can lead to cross-site scripting (XSS). The attack is described as possible to be performed from remote, with a...
EUVD-2026-41696
A vulnerability was found in SourceCodester Simple and Nice Shopping Cart Script 1.0. This affects an unknown function of the file /admin/login.php of the component Admin Login. The manipulation of the argument Username results in sql injection. The attack may be launched remotely. The exploit ha...
EUVD-2026-41688
A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. Affected is an unknown function of the file /index.php of the component Login. Performing a manipulation of the argument Username results in sql injection. Remote exploitation of the attack is possible. The exploit ha...
CVE-2026-14640
CVE-2026-14640 describes a SQL injection in CodeAstro Apartment Visitor Management System 1.0. The vulnerability is in the Login component, specifically an unknown function in /index.php, where manipulating the Username argument can lead to remote exploitation. The exploit is publicly available a...
EUVD-2026-41679
A vulnerability was determined in kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 49b20f53de2b7ec34e920b11c863f1491d911a04. This affects an unknown part of the file /index.php/api/product/set of the component Hidden REST API Endpoint. This manipulation of the argument title/description causes...
CVE-2026-14628
The CVE concerns NousResearch hermes-agent (up to 2026.5.16), specifically the Live Webhook Endpoint component’s gateway/platforms/base.py extract_media function. The vulnerability is a path traversal flaw that can be triggered remotely. Public exploit information exists, and CVSS metrics show a ...
EUVD-2026-41673
A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extract_media of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...
EUVD-2026-41670
A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. The impacted element is the function AIAgent.runconversation of the file runagent.py of the component HTTP API. This manipulation of the argument todos causes denial of service. The attack can be initiated remotely. The...
CVE-2026-14622
A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...
EUVD-2026-41661
A vulnerability was found in jairiidriss restaurant-website-php-mysql up to 521428b5b612449df0cf4a5d15ee40cba67f3d35. This vulnerability affects unknown code of the file /admin/ajaxfiles of the component AJAX Endpoint. Performing a manipulation results in missing authentication. The attack is...
EUVD-2026-41611
A vulnerability was detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This issue affects some unknown processing. The manipulation results in session fixation. The attack can be executed remotely. The attack requires a high level of complexity. The...
EUVD-2026-41563
A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...
EUVD-2026-41562
A vulnerability was identified in RT-Thread up to 5.0.2. Affected by this vulnerability is the function recvmsg in the library bsp/loongson/ls1cdev/libraries/ls1ccan.h of the component ls1c CAN Handler. Such manipulation leads to stack-based buffer overflow. Local access is required to approach...
PT-2026-55579
Name of the Vulnerable Software and Affected Versions: RT-Thread versions prior to 5.0.3. Description: A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...