Lucene search
K

41225 matches found

Vulnrichment
Vulnrichment
added 2026/04/02 12:0 a.m.0 views

CVE-2026-5316 Nothings stb stb_vorbis.c setup_free allocation of resources

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

5.3CVSS5.5AI score0.00439EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/02 12:0 a.m.35 views

CVE-2026-5316 Nothings stb stb_vorbis.c setup_free allocation of resources

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

5.3CVSS0.00439EPSS
Exploits1References4
Debian CVE
Debian CVE
added 2026/04/02 12:0 a.m.4 views

CVE-2026-5316

A vulnerability was identified in Nothings stb up to 1.22. The impacted element is the function setupfree of the file stbvorbis.c. The manipulation leads to allocation of resources. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. The vendor...

6.5CVSS4.6AI score0.00439EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29745

A weakness has been identified in itsourcecode Online Enrollment System 1.0. Impacted is an unknown function of the file /enrollment/index.php?view=edit&id=3 of the component Parameter Handler. This manipulation of the argument deptid causes sql injection. The attack is possible to be carried out...

7.5CVSS6.8AI score0.00371EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.7 views

PT-2026-29791

A security flaw has been discovered in Trendnet TEW-657BRM 1.00.1. The impacted element is the function update pcdb of the file /setup.cgi. The manipulation of the argument mac pc dba results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released to the...

9CVSS7.8AI score0.00815EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29733

A vulnerability was found in SourceCodester/mayuri k Best Courier Management System 1.0. Affected by this issue is some unknown functionality of the file /ajax.php?action=delete user of the component User Delete Handler. Performing a manipulation of the argument ID results in improper access...

6.9CVSS6.3AI score0.00314EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29680

A flaw has been found in vanna-ai vanna up to 2.0.2. Affected by this issue is some unknown functionality of the component FastAPI/Flask Server. Executing a manipulation can lead to permissive cross-domain policy with untrusted domains. The attack can be launched remotely. The exploit has been...

5.3CVSS5.5AI score0.00162EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.12 views

PT-2026-29678

A security vulnerability has been detected in itsourcecode Payroll Management System up to 1.0. Affected is an unknown function of the file /navbar.php. Such manipulation of the argument page leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclos...

5.3CVSS4.2AI score0.00337EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.3 views

PT-2026-29749

Name of the Vulnerable Software and Affected Versions LibRaw versions up to 0.22.0 Description A flaw exists in LibRaw up to version 0.22.0 within the LibRaw::nikon load padded packed raw function located in the src/decoders/decoders libraw.cpp file, related to the TIFF/NEF component. Manipulatio...

6.9CVSS6AI score0.00735EPSS
Exploits1References38
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29748

A vulnerability was detected in Tenda G103 1.0.0.5. The impacted element is the function action set net settings of the file gpon.lua of the component Setting Handler. Performing a manipulation of the argument...

5.8CVSS5.8AI score0.05698EPSS
Exploits1References13
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.8 views

PT-2026-29679

Name of the Vulnerable Software and Affected Versions vanna-ai vanna versions up to 2.0.2 Description A security issue exists in vanna-ai vanna, specifically within the Chat API Endpoint component. A manipulation of the /api/vanna/v2/ file results in missing authentication. This can be exploited...

7.5CVSS7.1AI score0.00414EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29715

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handle mdns record of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. ...

6.3CVSS6.1AI score0.00716EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.6 views

PT-2026-29739

A vulnerability was identified in Xiaopi Panel 1.0.0. This vulnerability affects unknown code of the file /demo.php of the component WAF Firewall. The manipulation of the argument param leads to cross site scripting. Remote exploitation of the attack is possible. The exploit is publicly available...

5.1CVSS4.4AI score0.00194EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29674

Name of the Vulnerable Software and Affected Versions Nothings stb versions up to 1.22 Description A security flaw exists in Nothings stb, specifically within the start decoder function of the stb vorbis.c file. This flaw results in an out-of-bounds write, and can be exploited remotely. The explo...

8.8CVSS6.3AI score0.00425EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29787

A vulnerability was determined in huimeicloud hm editor up to 2.2.3. Impacted is the function client.get of the file src/mcp-server.js of the component image-to-base64 Endpoint. Executing a manipulation of the argument url can lead to server-side request forgery. It is possible to launch the atta...

7.5CVSS6.7AI score0.00278EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.5 views

PT-2026-29734

A vulnerability was determined in OpenCart 4.1.0.3. This affects an unknown part of the file installer.php of the component Extension Installer Page. Executing a manipulation can lead to path traversal. The attack may be launched remotely. The exploit has been publicly disclosed and may be...

5.8CVSS5.5AI score0.00396EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.11 views

PT-2026-29790

A vulnerability was identified in Trendnet TEW-657BRM 1.00.1. The affected element is the function add apcdb of the file /setup.cgi. The manipulation of the argument mac pc dba leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might ...

9CVSS7.8AI score0.00772EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/04/02 12:0 a.m.4 views

PT-2026-29692

A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mg tls recv cert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has bee...

7.5CVSS6AI score0.00727EPSS
Exploits1References7
NVD
NVD
added 2026/04/01 11:17 p.m.5 views

CVE-2026-5314

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbttInitFontinternal in the library stbtruetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made...

8.8CVSS0.00664EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/01 11:15 p.m.1 views

CVE-2026-5315

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...

5.3CVSS5.5AI score0.00506EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder