ROS-20260430-73-0016

Vulnerability in golang related to errors in certificate authentication procedure. The vulnerability can be exploited remotely...

SUSE Manager 4.3.15 - Code Execution

Exploit Title: SUSE Manager 4.3.15 - Code Execution Date: 29.01.2026 Exploit Author: Wiktor Maj Vendor Homepage: https://www.uyuni-project.org/ Software Link: https://github.com/uyuni-project/uyuni Version: Uyuni 2025.05, SUSE Manager 5.0.4, SUSE Manager 4.3.15 Tested on: Debian 12 bookworm, Pyth...

PT-2026-36259

A vulnerability has been found in UTT HiPER 1200GW up to 2.5.3-170306. The impacted element is the function strcpy of the file /goform/formRemoteControl. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used...

PT-2026-36191

Name of the Vulnerable Software and Affected Versions LinkStackOrg LinkStack versions prior to 4.8.7 Description A weakness in the editPage function within the app/Http/Controllers/UserController.php file allows for remote cross-site scripting XSS, which occurs when a user-supplied value is...

FreeBSD 安全漏洞

FreeBSD is a Unix-like operating system developed by the FreeBSD Foundation. FreeBSD has security vulnerabilities; these vulnerabilities stem from incorrect packet validation, which leads to infinite recursion when parsing SCTP block parameters. This can result in stack overflows and crashes...

PT-2026-36211

Name of the Vulnerable Software and Affected Versions SourceCodester Hotel Management System version 1.0 Description An issue exists in the '/index.php/reservation/check' endpoint where manipulation of the room type argument allows for SQL injection, which is a technique used to interfere with th...

PT-2026-36149

Name of the Vulnerable Software and Affected Versions GnuTLS affected versions not specified Description A flaw in DTLS handshake parsing allows malformed fragments with zero length and non-zero offset to cause an integer underflow during reassembly. This leads to an out-of-bounds read, which is...

CVE-2026-7445 ZachHandley ZMCPTools MCP Log Resource ResourceManager.ts path traversal

A security vulnerability has been detected in ZachHandley ZMCPTools up to 0.2.2. Affected by this issue is some unknown functionality of the file src/managers/ResourceManager.ts of the component MCP Log Resource Handler. The manipulation of the argument dirname leads to path traversal. Remote...

CVE-2026-7420

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

CVE-2026-7419

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEditap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly...

CVE-2026-7420

CVE-2026-7420 affects UTT HiPER 1250GW (up to 3.2.7-210907-180535). The vulnerability is in the strcpy usage of route/goform/ConfigAdvideo, where manipulating the Profile argument causes a buffer overflow. This leads to remote code execution potential, with exploits publicly available. Affected c...

CVE-2026-7420

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

CVE-2026-7420 UTT HiPER 1250GW ConfigAdvideo strcpy buffer overflow

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

CVE-2026-7420 UTT HiPER 1250GW ConfigAdvideo strcpy buffer overflow

A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. Impacted is the function strcpy of the file route/goform/ConfigAdvideo. The manipulation of the argument Profile results in buffer overflow. The attack can be executed remotely. The exploit has been released to the...

CVE-2026-7418

A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...

CVE-2026-7410

A vulnerability has been found in SourceCodester Pizzafy Ecommerce System 1.0. This vulnerability affects unknown code of the file /admin/ajax.php?action=addtocart. The manipulation of the argument pid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to...

CVE-2026-7409

A flaw has been found in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function saveuser of the file /admin/ajax.php?action=saveuser. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used...

CVE-2026-7419 UTT HiPER 1250GW formTaskEdit_ap strcpy buffer overflow

A vulnerability was identified in UTT HiPER 1250GW up to 3.2.7-210907-180535. This issue affects the function strcpy of the file route/goform/formTaskEditap. The manipulation of the argument Profile leads to buffer overflow. Remote exploitation of the attack is possible. The exploit is publicly...

CVE-2026-7418 UTT HiPER 1250GW NTP strcpy buffer overflow

A vulnerability was determined in UTT HiPER 1250GW up to 3.2.7-210907-180535. This vulnerability affects the function strcpy of the file route/goform/NTP. Executing a manipulation of the argument Profile can lead to buffer overflow. The attack may be launched remotely. The exploit has been public...

CVE-2026-7418

The CVE covers UTT HiPER 1250GW versions up to 3.2.7-210907-180535. The issue affects the function strcpy in file route/goform/NTP, where manipulating the Profile argument can trigger a buffer overflow. This vulnerability is remotely triggerable and has publicly disclosed exploit details. No reme...