CVE-2026-9608 QianFox FoxCMS Administrator Backend edit cross site scripting

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-9608

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

EUVD-2026-32028

A vulnerability was determined in QianFox FoxCMS up to 1.2.6. The impacted element is an unknown function of the file /Tag/edit of the component Administrator Backend. Executing a manipulation can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been...

CVE-2026-9607

Itsourcecode Courier Management System 1.0 contains a SQL injection in /parcel_list.php triggered by manipulating the s argument. This is exploitable remotely over the network with low privileges and no user interaction, per the published CVE details. The connected documents confirm an in-the-wil...

CVE-2026-9607 itsourcecode Courier Management System parcel_list.php sql injection

A vulnerability was found in itsourcecode Courier Management System 1.0. The affected element is an unknown function of the file /parcellist.php. Performing a manipulation of the argument s results in sql injection. It is possible to initiate the attack remotely. The exploit has been made public...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of resources after they were released in the ANGLE framework. It could allow remote attackers to execu...

PT-2026-44648

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 148.0.7778.216 Description A heap buffer overflow exists in ANGLE, which is a compatibility layer that allows OpenGL ES to run on various graphics APIs. This issue allows a remote attacker to potentially exploit...

Google Chrome 安全漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a security vulnerability caused by an integer overflow issue in Skia. This vulnerability could allow remote attackers who have compromised rendering processes to execute a sandbox...

PT-2026-43471

A vulnerability was identified in QianFox FoxCMS up to 1.2.6. This affects the function Edit of the file Admin.php. The manipulation leads to weak password recovery. The attack can be initiated remotely. The exploit is publicly available and might be used. The project was informed of the problem...

Synology DiskStation Manager（DSM） 代码问题漏洞

Synology DiskStation Manager DSM is an operating system developed by Synology Inc. It is used for managing data, files, photos, music, and other information on network storage servers. Versions of DSM prior to 7.2.2.6-72806-5 and 7.3.1.8-86003-1 contained code vulnerabilities. These vulnerabiliti...

PT-2026-44050

Name of the Vulnerable Software and Affected Versions TeamSpeak 3 Server versions prior to 3.13.8 Description A use after free issue exists in the Connection State Management component. The flaw occurs when the server receives two clientinit packets in rapid succession on UDP port 9987. While one...

PT-2026-44048

Insecure Permissions vulnerability in kvf-admin v1.0.0 allows a remote attacker to escalate privileges via the UserController.java component...

Google Chrome 资源管理错误漏洞

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 148.0.7778.216 contained a resource management vulnerability. This vulnerability stemmed from the reuse of GPU components after they were released, which could allow remote attackers to exploit the system b...

CVE-2026-9606

The vulnerability CVE-2026-9606 affects itsourcecode Courier Management System 1.0, specifically the /manage_user.php component. The root cause is manipulation of the ID parameter that leads to a SQL injection, with remote exploitation confirmed and a public exploit disclosed. The CVSS-based data...

CVE-2026-9606

A vulnerability has been found in itsourcecode Courier Management System 1.0. Impacted is an unknown function of the file /manageuser.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the public and may be...

CVE-2026-9604

A vulnerability was detected in JeecgBoot up to 3.9.1. This vulnerability affects unknown code of the component AiragModelController. The manipulation of the argument list/queryById results in improper access controls. The attack can be executed remotely. The exploit is now public and may be used...

CVE-2026-9605

GNU libredwg up to 0.13.4.8160 has a heap-based buffer overflow in the bit_read_RC function (bits.c) of the Dwgbmp Utility. The flaw can be triggered remotely and an exploit has been published. A patch identified by hash 8f03865f37f5d4ffd616fef802acc980be54d300 is available; applying the patch is...

CVE-2026-9605 GNU libredwg Dwgbmp Utility bits.c bit_read_RC heap-based overflow

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

CVE-2026-9605

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...

EUVD-2026-32023

A flaw has been found in GNU libredwg up to 0.13.4.8160. This issue affects the function bitreadRC of the file bits.c of the component Dwgbmp Utility. This manipulation causes heap-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be...