Lucene search
K

41225 matches found

CVE
CVE
added 2026/04/01 11:15 p.m.17 views

CVE-2026-5315

CVE-2026-5315 affects Nothings stb up to 1.26, specifically the stb_truetype.h function stbtt__buf_get8. Root cause is an out-of-bounds read caused by input manipulation, enabling remote execution as described in multiple sources. Public exploit information exists, and vendor contact occurred wit...

8.8CVSS5.5AI score0.00506EPSS
Exploits1References4Affected Software1
Debian CVE
Debian CVE
added 2026/04/01 11:15 p.m.4 views

CVE-2026-5315

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...

8.8CVSS4.7AI score0.00506EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2026/04/01 11:0 p.m.7 views

CVE-2026-5213

A vulnerability was determined in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function...

9CVSS7.6AI score0.00715EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/01 10:15 p.m.22 views

CVE-2026-5314 Nothings stb TTF File stb_truetype.h stbtt_InitFont_internal out-of-bounds

A vulnerability was found in Nothings stb up to 1.26. Impacted is the function stbttInitFontinternal in the library stbtruetype.h of the component TTF File Handler. Performing a manipulation results in out-of-bounds read. Remote exploitation of the attack is possible. The exploit has been made...

5.3CVSS0.00664EPSS
Exploits1References4
Cvelist
Cvelist
added 2026/04/01 9:30 p.m.22 views

CVE-2026-5313 Nothings stb GIF Decoder stb_image.h stbi__gif_load_next denial of service

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

5.3CVSS0.00286EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/01 9:30 p.m.1 views

CVE-2026-5313 Nothings stb GIF Decoder stb_image.h stbi__gif_load_next denial of service

A vulnerability has been found in Nothings stb up to 2.30. This issue affects the function stbigifloadnext in the library stbimage.h of the component GIF Decoder. Such manipulation leads to denial of service. The attack may be launched remotely. The exploit has been disclosed to the public and ma...

5.3CVSS5.3AI score0.00286EPSS
Exploits0References3
NVD
NVD
added 2026/04/01 9:17 p.m.11 views

CVE-2026-5312

A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the...

6.9CVSS0.0054EPSS
Exploits1References7
Cvelist
Cvelist
added 2026/04/01 8:30 p.m.18 views

CVE-2026-5312 D-Link DNS-1550-04 dsk_mgr.cgi Get_current_raidtype access control

A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the...

6.9CVSS0.0054EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/04/01 8:30 p.m.5 views

CVE-2026-5312

A weakness has been identified in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected by this vulnerability is the...

6.9CVSS5.6AI score0.0054EPSS
Exploits1References7Affected Software20
CVE
CVE
added 2026/04/01 8:30 p.m.15 views

CVE-2026-5312

CVE-2026-5312 affects D-Link DNS-1xx NAS models (e.g., DNS-120, DNS-320/320L/320LW/321, DNS-327L, DNS-1100-4, DNS-1550-04, among others) with the dsk_mgr.cgi Get_current_raidtype path. The vulnerability concerns the functions under /cgi-bin/dsk_mgr.cgi (including Get_Volume_Mapping, Get_current_r...

6.9CVSS5.8AI score0.0054EPSS
Exploits1References7Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/01 7:45 p.m.5 views

CVE-2026-5311 D-Link DNS-1550-04 file_center.cgi Webdav_Access_List access control

A security flaw has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Affected is the function...

6.9CVSS5.8AI score0.00991EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/04/01 5:40 p.m.4 views

CVE-2026-5205

A vulnerability was identified in chatwoot up to 4.11.2. Affected by this vulnerability is the function Webhooks::Trigger in the library lib/webhooks/trigger.rb of the component Webhook API. Such manipulation of the argument url leads to server-side request forgery. The attack can be launched...

6.5CVSS6.4AI score0.00259EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/01 5:39 p.m.5 views

CVE-2026-5203

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the...

5.8CVSS5.5AI score0.00317EPSS
Exploits1References1
CVE
CVE
added 2026/04/01 4:29 p.m.7 views

CVE-2026-20097

CVE-2026-20097 affects the web-based management interface of Cisco IMC. An authenticated admin could trigger arbitrary code execution as root due to improper validation of user-supplied input, by sending crafted HTTP requests to the device. The impact is execution of code on the underlying OS as ...

6.5CVSS6.2AI score0.00549EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/01 4:28 p.m.19 views

CVE-2026-20093 Cisco Integrated Management Controller Authentication Bypass Vulnerability

A vulnerability in the change password functionality of Cisco Integrated Management Controller IMC could allow an unauthenticated, remote attacker to bypass authentication and gain access to the system as Admin. This vulnerability is due to incorrect handling of password change requests. An...

9.8CVSS0.00991EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/01 10:58 a.m.3 views

CVE-2026-5197

A vulnerability was found in code-projects Student Membership System 1.0. The affected element is an unknown function of the file /deleteuser.php. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and could be used...

6.5CVSS6.5AI score0.00192EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/01 9:31 a.m.6 views

EUVD-2026-17826

A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm Preview. Executing a manipulation can lead to...

6.5CVSS5.5AI score0.00201EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/01 9:31 a.m.2 views

EUVD-2026-17821

A vulnerability was found in Sanster IOPaint 1.5.3. Impacted is the function getfile of the file iopaint/filemanager/filemanager.py of the component File Manager. Performing a manipulation of the argument filename results in path traversal. The attack is possible to be carried out remotely. The...

7.5CVSS6.7AI score0.00624EPSS
Exploits0References5
NVD
NVD
added 2026/04/01 9:16 a.m.26 views

CVE-2026-5261

A vulnerability was identified in Shandong Hoteam InforCenter PLM up to 8.3.8. The impacted element is the function uploadFileToIIS of the file /Base/BaseHandler.ashx. The manipulation of the argument File leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit i...

7.5CVSS0.00385EPSS
Exploits0References4
NVD
NVD
added 2026/04/01 8:16 a.m.10 views

CVE-2026-5259

A vulnerability was determined in AutohomeCorp frostmourne up to 1.0. The affected element is an unknown function of the file frostmourne-monitor/src/main/java/com/autohome/frostmourne/monitor/controller/AlarmController.java of the component Alarm Preview. Executing a manipulation can lead to...

6.5CVSS0.00201EPSS
Exploits0References4
Rows per page
Query Builder