41168 matches found
PT-2026-36211
Name of the Vulnerable Software and Affected Versions SourceCodester Hotel Management System version 1.0 Description An issue exists in the '/index.php/reservation/check' endpoint where manipulation of the room type argument allows for SQL injection, which is a technique used to interfere with th...
PT-2026-36149
Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified Description A flaw in DTLS handshake parsing allows malformed fragments with zero length and non-zero offset to cause an integer underflow during reassembly. This leads to an out-of-bounds read, which is...
ROS-20260430-73-0008
Vulnerability in golang related to errors in certificate authentication procedure. The vulnerability can be exploited remotely...
ROS-20260430-73-0016
Vulnerability in golang related to errors in certificate authentication procedure. The vulnerability can be exploited remotely...
CVE-2026-7445 ZachHandley ZMCPTools MCP Log Resource ResourceManager.ts path traversal
A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote...
CVE-2026-7420
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...
CVE-2026-7419
A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEditap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly...
CVE-2026-7420 UTT HiPER 1250GW ConfigAdvideo strcpy buffer overflow
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...
CVE-2026-7420
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...
CVE-2026-7420 UTT HiPER 1250GW ConfigAdvideo strcpy buffer overflow
A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...
CVE-2026-7420
CVE-2026-7420 affects UTT HiPER 1250GW (up to 3.2.7-210907-180535). The vulnerability is in the strcpy usage of route/goform/ConfigAdvideo, where manipulating the Profile argument causes a buffer overflow. This leads to remote code execution potential, with exploits publicly available. Affected c...
CVE-2026-7410
A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...
CVE-2026-7418
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...
CVE-2026-7409
A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...
CVE-2026-7419 UTT HiPER 1250GW formTaskEdit_ap strcpy buffer overflow
A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEditap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly...
CVE-2026-7418 UTT HiPER 1250GW NTP strcpy buffer overflow
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...
CVE-2026-7418
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...
CVE-2026-7418 UTT HiPER 1250GW NTP strcpy buffer overflow
A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...
CVE-2026-7418
The CVE covers UTT HiPER 1250GW versions up to 3.2.7-210907-180535. The issue affects the function strcpy in file route/goform/NTP, where manipulating the Profile argument can trigger a buffer overflow. This vulnerability is remotely triggerable and has publicly disclosed exploit details. No reme...
EUVD-2026-26294
A vulnerability was found in Algovate xhs-mcp 0.8.11. This affects the function xhspublishcontent of the file src/server/mcp.server.ts of the component MCP Interface. Performing a manipulation of the argument mediapaths results in server-side request forgery. The attack may be initiated remotely...