18785 matches found
PT-2026-20646
A flaw has been found in busy up to 2.5.5. The affected element is an unknown function of the file source-code/busy-master/src/server/app.js of the component Callback Handler. Executing a manipulation of the argument state can lead to open redirect. It is possible to launch the attack remotely. T...
PT-2026-20569
Name of the Vulnerable Software and Affected Versions itsourcecode Event Management System version 1.0 Description A flaw exists in itsourcecode Event Management System version 1.0 related to SQL injection. The issue is located in the Admin Login functionality, specifically within the...
CVE-2026-2656
A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::TypeInfo::bareequal of the file include/chaiscript/dispatchkit/typeinfo.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitabili...
CVE-2026-2656 ChaiScript type_info.hpp bare_equal use after free
A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::TypeInfo::bareequal of the file include/chaiscript/dispatchkit/typeinfo.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The exploitabili...
CVE-2026-2615
A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete of the file /cgi-bin/firewall.cgi. Executing a manipulation of the argument delflag can lead to command injection. The attack may be launched remotely. The exploit has been...
Infinite loop
Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Infinite loop via the bnModInverse function in ext/jsbn2.js when the BigInteger.modInverse implementation receives zero or negative inputs, allowing an attacker ...
PT-2026-20457
A flaw has been found in ChaiScript up to 6.1.0. This affects the function chaiscript::Type Info::bare equal of the file include/chaiscript/dispatchkit/type info.hpp. This manipulation causes use after free. The attack requires local access. The attack's complexity is rated as high. The...
PT-2026-20969
CVE ID : CVE-2026-25421 Published : Feb. 18, 2026, 7:39 a.m. | 34 minutes ago Description : None Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-28448
creationtimestamp| type| source ---|---|--- 2026-02-17 21:37:55+00:00| published-proof-of-concept| https://github.com/advisories/GHSA-33rq-m5x2-fvgf...
CVE-2026-2615
A flaw has been found in Wavlink WL-NU516U1 up to 20251208. The affected element is the function singlePortForwardDelete of the file /cgi-bin/firewall.cgi. Executing a manipulation of the argument delflag can lead to command injection. The attack may be launched remotely. The exploit has been...
CVE-2026-2524
A flaw has been found in Open5GS 2.7.6. The impacted element is the function mmes11handlecreatesessionresponse of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the...
CVE-2026-2558
A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...
CVE-2026-2558
A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...
CVE-2026-2558 GeekAI net_handler.go Download server-side request forgery
A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...
CVE-2026-2558
A flaw has been found in GeekAI up to 4.2.4. The affected element is the function Download of the file api/handler/nethandler.go. This manipulation of the argument url causes server-side request forgery. Remote exploitation of the attack is possible. The exploit has been published and may be used...
EUVD-2026-6128
A flaw has been found in Tosei Self-service Washing Machine 4.02. Impacted is an unknown function of the file /cgi-bin/toseidatasend.php. Executing a manipulation of the argument adrtxt1 can lead to command injection. It is possible to launch the attack remotely. The exploit has been published an...
Improper Verification of Cryptographic Signature
Overview org.webjars.npm:jsrsasign is a free pure JavaScript cryptographic library. Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature via the DSA domain-parameter validation in KJUR.crypto.DSA.setPublic and the related DSA/X509 verification flow ...
EUVD-2026-6137
A flaw has been found in Open5GS 2.7.6. The impacted element is the function mmes11handlecreatesessionresponse of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the...
CVE-2026-2524
A flaw has been found in Open5GS 2.7.6. The impacted element is the function mmes11handlecreatesessionresponse of the component MME. This manipulation causes denial of service. The attack can be initiated remotely. The exploit has been published and may be used. The project was informed of the...
PT-2026-8309
Name of the Vulnerable Software and Affected Versions Tosei Self-service Washing Machine version 4.02 Description A flaw exists in Tosei Self-service Washing Machine version 4.02. The issue impacts an unknown function within the /cgi-bin/tosei datasend.php file. Manipulation of the adr txt 1...