CVE-2026-8138 Tenda CX12L SetPptpServerCfg formSetPPTPServer stack-based overflow
A vulnerability was found in Tenda CX12L 16.03.53.12. This issue affects the function formSetPPTPServer of the file /goform/SetPptpServerCfg. The manipulation results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used...
CVE-2026-4463
Heap buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
EUVD-2024-51316
Malicious code in bioql PyPI...
ROS-20250729-05
A vulnerability in the JSSE component of the Oracle Java SE software platform, Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition virtual machines is associated with access control errors...
PT-2025-27349 · Code Projects · Code-Projects Simple Forum
Name of the Vulnerable Software and Affected Versions: code-projects Simple Forum version 1.0 Description: A critical issue was found in the code, affecting the /forum edit.php file. The manipulation of the iii argument leads to SQL injection. This issue can be exploited remotely. Recommendations...
CVE-2024-49361
ACON is a widely-used library of tools for machine learning that focuses on adaptive correlation optimization. A potential vulnerability has been identified in the input validation process, which could lead to arbitrary code execution if exploited. This issue could allow an attacker to submit...
CVE-2021-39805
In l2cbleprocesssigcmd of l2cble.cc, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure through Bluetooth with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android Versions:...
PT-2025-21879 · Unknown · Phpgurukul Zoo Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul Zoo Management System version 2.1 Description: A critical issue has been found in the PHPGurukul Zoo Management System, affecting the processing of the file /admin/edit-animal-details.php. The manipulation of the aname argument lea...
PT-2025-21573 · Sourcecodester · Sourcecodester Student Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Student Result Management System version 1.0 Description: A critical issue was found in the system, affecting the file academic/core/drop student.php. The manipulation of the img argument leads to path traversal. This issue can...
CVE-2025-3974
A vulnerability has been found in PHPGurukul COVID19 Testing Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /edit-phlebotomist.php?pid=11. The manipulation of the argument mobilenumber leads to SQL injection. The attack can be initiated...
PT-2025-17999 · Unknown · Phpgurukul Covid19 Testing Management System
Name of the Vulnerable Software and Affected Versions: PHPGurukul COVID19 Testing Management System version 1.0 Description: A critical vulnerability has been found in the PHPGurukul COVID19 Testing Management System. The issue affects some unknown functionality of the file...
PT-2025-11549 · Unknown · Code-Projects Online Class/Exam Scheduling System
Name of the Vulnerable Software and Affected Versions: code-projects Online Class and Exam Scheduling System version 1.0 Description: A critical issue has been found in the system, affecting the processing of the file /pages/activate.php. The manipulation of the id argument leads to SQL injection...
PT-2025-10750 · Mrcms · Mrcms
Name of the Vulnerable Software and Affected Versions: MRCMS version 3.1.2 Description: A critical issue has been discovered that affects the delete function of the /admin/file/delete.do endpoint, specifically within the org.marker.mushroom.controller.FileController component. The manipulation of...
PT-2025-10589
Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A critical issue has been found in the Open Asset Import Library Assimp, affecting the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp in the File Handler...
The vulnerability of the Adobe Experience Manager (AEM) content and media data management system lies in the insufficient protection of the website structure, allowing attackers to execute arbitrary code.
The vulnerability of the Adobe Experience Manager AEM content and media data management system is related to insufficient protection of the website structure. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code remotely...
PT-2024-39453
Name of the Vulnerable Software and Affected Versions: Olgu Computer Systems e-Belediye versions prior to 2.0.642 Description: The issue allows external control of file name or path due to incorrect permission assignment for critical resources, enabling manipulation of web input to file system call...
PT-2024-3229 · Tenda · Tenda Ac500
Name of the Vulnerable Software and Affected Versions: Tenda AC500 version V2.0.1.91307 Description: The issue is related to a stack overflow vulnerability in the fromDhcpListClient function, which is accessible through the /goform/DhcpListClient API endpoint. This vulnerability is caused by a...
Schweitzer Engineering Laboratories SEL-411L
1. EXECUTIVE SUMMARY CVSS v3 4.3 ATTENTION: Exploitable remotely/low attack complexity Vendor: Schweitzer Engineering Laboratories Equipment: SEL-411L Vulnerability: Improper Restriction of Rendered UI Layers or Frames 2. RISK EVALUATION Successful exploitation of this vulnerability...
CVE-2021-4100
Object lifecycle issue in ANGLE in Google Chrome prior to 96.0.4664.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page...
The vulnerability of the software system for managing enterprise assets in IBM Maximo Asset Management lies in the insufficient verification of incoming requests, allowing a hacker to execute an SSRF attack.
The vulnerability of the IBM Maximo Asset Management software system for managing corporate assets is related to insufficient verification of incoming requests. Exploiting this vulnerability could allow a malicious actor, operating remotely, to execute an SSRF attack...