Lucene search
K

11604 matches found

OSV
OSV
added 2026/07/01 3:17 p.m.3 views

UBUNTU-CVE-2026-14324

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/07/01 2:9 p.m.6 views

CVE-2026-14324

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/07/01 2:9 p.m.5 views

CVE-2026-14324

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References3
EUVD
EUVD
added 2026/07/01 2:9 p.m.8 views

EUVD-2026-41006

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/07/01 2:9 p.m.7 views

CVE-2026-14324

RAOP module accepts unbounded Content-Length values and does not check the pwarrayadd return. Mitigation If AirPlay streaming is not required, unload or disable the module-raop-discover and module-raop-sink PipeWire modules...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/07/01 12:0 a.m.15 views

PT-2026-54643

Name of the Vulnerable Software and Affected Versions RAOP module affected versions not specified Description The RAOP module accepts unbounded Content-Length values and fails to verify the return value of the pw array add function. This lack of validation can lead to memory management issues whe...

6.5CVSS6.1AI score0.00175EPSS
Exploits0References12
CVE
CVE
added 2026/06/30 12:57 p.m.20 views

CVE-2026-58011

CVE-2026-58011 (GLib) : A flaw in GLib’s g_date_time_get_ymd (glib/gdatetime.c) allows an out-of-bounds read of 2 bytes when an invalid GDateTime object from g_date_time_add_full is processed. This can corrupt date output and potentially cause logic errors leading to a denial of service. Exploita...

7.5CVSS5.7AI score0.00344EPSS
Exploits1References4Affected Software2
ATTACKERKB
ATTACKERKB
added 2026/06/30 11:19 a.m.5 views

CVE-2026-53691

An Unrestricted File Upload vulnerability in Redeight CMS version 1.0 allows authenticated attackers to achieve Remote Code Execution via the POST "/admin/index.php?module=pages&mode=FileAdd" endpoint. The application fails to validate file extensions and MIME types, permitting the upload of...

9.3CVSS6.1AI score0.00488EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/06/30 11:4 a.m.28 views

CVE-2026-57079

CVE-2026-57079 affects Net::BitTorrent for Perl up to version 2.0.1. The flaw arises when parsing peer-supplied metadata (BEP09 ut_metadata path) where attacker-controlled file names are passed to Storage::add_file and Storage::_parse_file_tree; Path::Tiny’s child() does not collapse "..", so a v...

5.3CVSS5.8AI score0.00282EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2026/06/30 12:0 a.m.8 views

The vulnerability of the gf_isom_add_track_kind() function in the isomedia/isom_write.c file, implemented by the MP4Box encoder for the GPAC multimedia platform, allows a malicious actor to cause service interruptions using a specially created MP4 file.

The vulnerability of the gfisomaddtrackkind function in the isomedia/isomwrite.c file, belonging to the MP4Box encoder of the GPAC multimedia platform, is related to pointer dereferencing errors. Exploiting this vulnerability could allow an attacker to cause service failures through the use of a...

7.8CVSS5.9AI score0.00352EPSS
Exploits1References7Affected Software2
OSV
OSV
added 2026/06/29 11:50 a.m.5 views

PYSEC-2026-283 ArchiveBox Vulnerable to RCE via unvalidated per-crawl config overrides in AddView

The /add/ endpoint AddView in core/views.py accepts a config JSON field that gets merged into the crawl config without validation. This config is exported as environment variables when archive plugins run, allowing injection of arbitrary tool arguments to achieve RCE. When PUBLICADDVIEW=True comm...

9.8CVSS6.4AI score0.00404EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 10:30 a.m.5 views

CVE-2026-13559

A weakness has been identified in code-projects Real State Services 1.0. Impacted is an unknown function of the file /single-listsale.php?action=add. Executing a manipulation of the argument ID can lead to sql injection. The attack can be executed remotely. The exploit has been made available to...

7.5CVSS7AI score0.00412EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/06/29 10:0 a.m.38 views

CVE-2026-13557 itsourcecode Online Hotel Management System POST Request controller.php add cross site scripting

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. This vulnerability affects unknown code of the file /admin/modroom/controller.php?action=add of the component POST Request Handler. Such manipulation of the argument Name leads to cross site scripting. The attack m...

5.3CVSS0.00443EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 10:0 a.m.8 views

EUVD-2026-40061

A vulnerability was identified in itsourcecode Online Hotel Management System 1.0. This vulnerability affects unknown code of the file /admin/modroom/controller.php?action=add of the component POST Request Handler. Such manipulation of the argument Name leads to cross site scripting. The attack m...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 10:0 a.m.19 views

CVE-2026-13557

The CVE-2026-13557 affects itsourcecode Online Hotel Management System 1.0. An attacker can manipulate the Name argument in the POST handler at /admin/mod_room/controller.php?action=add, triggering cross-site scripting. The vulnerability is exploitable remotely, and public exploit code appears to...

5.3CVSS4.2AI score0.00443EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/29 9:30 a.m.8 views

CVE-2026-13555 itsourcecode Online Hotel Management System controller.php add sql injection

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/29 9:30 a.m.6 views

EUVD-2026-40058

A vulnerability was found in itsourcecode Online Hotel Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/modusers/controller.php?action=add. The manipulation of the argument Name results in sql injection. The attack can be launched remotely. The exploi...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 9:30 a.m.26 views

CVE-2026-13555

The CVE-2026-13555 entry affects itsourcecode Online Hotel Management System 1.0. Affected component: /admin/mod_users/controller.php?action=add. Description indicates that manipulating the Name parameter yields SQL injection, exploitable remotely. Public exploit exists (proof-of-concept level). ...

7.5CVSS6.9AI score0.00412EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/29 9:0 a.m.7 views

CVE-2026-13553

A flaw has been found in itsourcecode Online Hotel Management System 1.0. Affected is an unknown function of the file /admin/modamenities/controller.php?action=add. Executing a manipulation of the argument image can lead to unrestricted upload. It is possible to launch the attack remotely. The...

7.5CVSS6.8AI score0.00474EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.9 views

Linux Distros Unpatched Vulnerability : CVE-2026-53081

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - bpf: Enforce regsafe base id consistency for BPFADDCONST scalars When regsafe compares two scalar registers that both carry BPFADDCONST, checkscalarids maps the...

7.8CVSS6AI score0.00116EPSS
Exploits0References3
Rows per page
Query Builder