41225 matches found
CVE-2026-5316 Nothings stb stb_vorbis.c setup_free allocation of resources
A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...
CVE-2026-5316 Nothings stb stb_vorbis.c setup_free allocation of resources
A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...
CVE-2026-5316
A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...
PT-2026-29745
A weakness has been identified in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=edit&id=3 of the component Parameter Handler. This manipulation of the argument deptid causes sql injection. The attack is possible to be carried out...
PT-2026-29791
A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function update pcdb of the file /setup.cgi. The manipulation of the argument mac pc dba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the...
PT-2026-29733
A vulnerability was found in SourceCodester/mayuri k Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete user of the component User Delete Handler. Performing a manipulation of the argument ID results in improper access...
PT-2026-29680
A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The exploit has been...
PT-2026-29678
A security vulnerability has been detected in itsourcecode Payroll Management System up to 1.0. Affected is an unknown function of the file /navbar.php. Such manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclos...
PT-2026-29749
Name of the Vulnerable Software and Affected Versions LibRaw versions up to 0.22.0 Description A flaw exists in LibRaw up to version 0.22.0 within the LibRaw::nikon load padded packed raw function located in the src/decoders/decoders libraw.cpp file, related to the TIFF/NEF component. Manipulatio...
PT-2026-29748
A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action set net settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument...
PT-2026-29679
Name of the Vulnerable Software and Affected Versions vanna-ai vanna versions up to 2.0.2 Description A security issue exists in vanna-ai vanna, specifically within the Chat API Endpoint component. A manipulation of the /api/vanna/v2/ file results in missing authentication. This can be exploited...
PT-2026-29715
A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle mdns record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. ...
PT-2026-29739
A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...
PT-2026-29674
Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.22 Description A security flaw exists in Nothings stb, specifically within the start decoder function of the stb vorbis.c file. This flaw results in an out-of-bounds write, and can be exploited remotely. The explo...
PT-2026-29787
A vulnerability was determined in huimeicloud hm editor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the atta...
PT-2026-29734
A vulnerability was determined in OpenCart 4.1.0.3. This affects an unknown part of the file installer.php of the component Extension Installer Page. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be...
PT-2026-29790
A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function add apcdb of the file /setup.cgi. The manipulation of the argument mac pc dba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might ...
PT-2026-29692
A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg tls recv cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has bee...
CVE-2026-5314
A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbttInitFontinternal in the library stbtruetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made...
CVE-2026-5315
A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...