41216 matches found

Positive Technologies
added 2026/04/05 12:0 a.m., 5 views

PT-2026-30430

A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a manipulation of the argument paymethod results in sql injection. It is possible to initiate the...

CVSS 6.5, AI score 6.4, EPSS 0.00246
Exploits 0, References 6
Positive Technologies
added 2026/04/05 12:0 a.m., 5 views

PT-2026-30415

A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manipulation of the argument ID leads to sql injection. Remote exploitation of the attack is possible...

CVSS 6.5, AI score 5.8, EPSS 0.00196
Exploits 0, References 6
Positive Technologies
added 2026/04/05 12:0 a.m., 6 views

PT-2026-30429

A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function is safe ast of the file sandbox.py of the component AST Validation. Such manipulation leads to improper neutralization of special elements used in a template engine. The attack m...

CVSS 6.5, AI score 6, EPSS 0.00314
Exploits 0, References 7
Positive Technologies
added 2026/04/05 12:0 a.m., 4 views

PT-2026-30509

A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptapetoolscomputertool.py of the component ComputerTool. Executing a manipulation of the argument filename can lead to path traversal. It is possible to launch the attack remotely. The exploit has be...

CVSS 6.5, AI score 5.5, EPSS 0.00422
Exploits 0, References 5
Positive Technologies
added 2026/04/05 12:0 a.m., 9 views

PT-2026-30456

Name of the Vulnerable Software and Affected Versions: griptape versions 0.19.4
Description: A security issue exists in the FileManagerTool component of griptape. The functions load files from disk, list files from disk, save content to file, and save memory artifacts to disk are susceptible to pat...

CVSS 6.5, AI score 6.4, EPSS 0.00339
Exploits 0, References 8
Positive Technologies
added 2026/04/05 12:0 a.m., 4 views

PT-2026-30443

Name of the Vulnerable Software and Affected Versions: Technostrobe HI-LED-WR120-G2 version 5.5.0.1R6.03.30
Description: A security issue exists in the deletefile function of the FsBrowseClean component. Manipulation of the dir/path argument results in missing authorization. The attack can be...

CVSS 9.1, AI score 6.5, EPSS 0.00544
Exploits 1, References 8
SUSE CVE
added 2026/04/04 11:26 p.m., 3 views

SUSE CVE-2026-5318

A weakness has been identified in LibRaw up to 0.22.0. This impacts the function HuffTable::initval of the file src/decompressors/losslessjpeg.cpp of the component JPEG DHT Parser. This manipulation of the argument bits causes out-of-bounds write. It is possible to initiate the attack remotely. T...

CVSS 5.3, AI score 5.4, EPSS 0.00629
Exploits 1, References 3
SUSE CVE
added 2026/04/04 11:26 p.m., 3 views

SUSE CVE-2026-5342

A flaw has been found in LibRaw up to 0.22.0. This affects the function LibRaw::nikonloadpaddedpackedraw of the file src/decoders/decoderslibraw.cpp of the component TIFF/NEF. Executing a manipulation of the argument loadflags/rawwidth can lead to out-of-bounds read. It is possible to launch the...

CVSS 3.3, AI score 5.4, EPSS 0.00735
Exploits 1, References 6
ATTACKERKB
added 2026/04/04 10:15 p.m., 2 views

CVE-2026-5526

A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results in improper access controls. The attack may be performed from remote. The exploit has been...

CVSS 7.5, AI score 5.5, EPSS 0.00362
Exploits 0, References 5, Affected Software 1
RedhatCVE
added 2026/04/04 5:0 p.m., 5 views

CVE-2026-5472

A flaw has been found in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. The affected element is an unknown function of the file /adminpanel/settings.php of the component Profile Picture Handler. This manipulation of the argument File causes unrestrict...

CVSS 6.5, AI score 6.2, EPSS 0.00201
Exploits 0, References 1
RedhatCVE
added 2026/04/04 5:0 p.m., 5 views

CVE-2026-5467

A vulnerability was identified in Casdoor 2.356.0. Affected by this issue is some unknown functionality of the component OAuth Authorization Request Handler. Such manipulation of the argument redirecturi leads to open redirect. It is possible to launch the attack remotely. The exploit is publicly...

CVSS 6.1, AI score 5.5, EPSS 0.00324
Exploits 0, References 1
NCSC
added 2026/04/04 1:49 p.m., 10 views

Vulnerability fixed in Fortinet's FortiClient EMS

Fortinet has fixed a vulnerability in FortiClient EMS. The vulnerability involves improper access controls in FortiClient EMS. Unauthenticated attackers can bypass security controls by sending specially crafted requests and execute unauthorized code or commands. The vulnerability can be exploited...

CVSS 9.8, AI score 6, EPSS 0.88505
Exploits 8, References 1
Positive Technologies
added 2026/04/04 12:0 a.m., 12 views

PT-2026-30387

Name of the Vulnerable Software and Affected Versions: MoussaabBadla code-screenshot-mcp versions up to 0.1.0
Description: A security issue exists in the HTTP Interface component of MoussaabBadla code-screenshot-mcp. This allows for os command injection, potentially enabling remote attacks. The...

CVSS 6.5, AI score 6.4, EPSS 0.01455
Exploits 0, References 10
Positive Technologies
added 2026/04/04 12:0 a.m., 7 views

PT-2026-30385

Name of the Vulnerable Software and Affected Versions: Tenda 4G03 Pro versions 1.0 through 1.1 and 04.03.01.53
Description: A security flaw exists in Tenda 4G03 Pro. The issue involves improper access controls related to an unknown functionality within the /bin/httpd file. The attack can be perform...

CVSS 9.8, AI score 7.1, EPSS 0.00362
Exploits 0, References 9
Positive Technologies
added 2026/04/04 12:0 a.m., 9 views

PT-2026-30386

A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Private Key Handler. This manipulation causes use of hard-coded cryptographic key. It is possible t...

CVSS 6.9, AI score 5.9, EPSS 0.00435
Exploits 0, References 5
Tenable Nessus
added 2026/04/04 12:0 a.m., 3 views

Linux Distros Unpatched Vulnerability : CVE-2026-5315

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF...

CVSS 8.8, AI score 5.5, EPSS 0.00506
Exploits 1, References 3
RedhatCVE
added 2026/04/03 11:2 p.m., 4 views

CVE-2026-5414

A security flaw has been discovered in Newgen OmniDocs up to 12.0.00. Affected by this issue is some unknown functionality of the file /omnidocs/WebApiRequestRedirection. The manipulation of the argument DocumentId results in improper control of resource identifiers. The attack may be performed...

CVSS 6.9, AI score 5.6, EPSS 0.00315
Exploits 0, References 1
ATTACKERKB
added 2026/04/03 7:45 p.m., 2 views

CVE-2026-5484

A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible...

CVSS 6.9, AI score 5.5, EPSS 0.00322
Exploits 0, References 8, Affected Software 1
Cvelist
added 2026/04/03 7:45 p.m., 18 views

CVE-2026-5484 BookStackApp BookStack Chapter Export ExportFormatter.php chapterToMarkdown access control

A weakness has been identified in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls. It is possible...

CVSS 6.9, EPSS 0.00322
Exploits 0, References 8
CVE
added 2026/04/03 7:45 p.m., 8 views

CVE-2026-5484

Summary (CVE-2026-5484): BookStackApp BookStack (up to 26.03) contains a vulnerability in the function chapterToMarkdown within app/Exports/ExportFormatter.php of the Chapter Export Handler. Manipulating the argument pages can bypass access controls, enabling a remote attack. The exploit is pub...

CVSS 6.9, AI score 5.7, EPSS 0.00322
Exploits 0, References 8