192450 matches found

Vulnrichment
added 2026/03/08 4:2 a.m., 3 views

CVE-2026-3702 SourceCodester Loan Management System index.php cross site scripting

A vulnerability was detected in SourceCodester Loan Management System 1.0. Affected by this issue is some unknown functionality of the file /index.php. Performing a manipulation of the argument page results in cross site scripting. The attack is possible to be carried out remotely. The exploit is...

CVSS 5.3 | AI score 4.3 | EPSS 0.00305
Exploits: 1 | References: 5

EUVD
added 2026/03/08 3:30 a.m., 8 views

EUVD-2026-10201

A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function get_user_info/update_user_info of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument user_id causes improper control of resource identifiers. It i...

CVSS 7.5 | AI score 6.7 | EPSS 0.00403
Exploits: 0 | References: 7

Cvelist
added 2026/03/08 3:28 a.m., 30 views

CVE-2026-3704 Wavlink NU516U1 Incomplete Fix CVE-2025-10959 firewall.cgi sub_405B2C command injection

A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file /cgi-bin/firewall.cgi of the component Incomplete Fix CVE-2025-10959. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit ha...

CVSS 5.8 | EPSS 0.04461
Exploits: 1 | References: 6

OSV
added 2026/03/08 1:15 a.m., 8 views

CVE-2026-3695

A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the file /delete.php. Such manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...

CVSS 6.5 | AI score 5.5 | EPSS 0.00785
Exploits: 1 | References: 6

NVD
added 2026/03/08 1:15 a.m., 7 views

CVE-2026-3693

A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function get_user_info/update_user_info of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument user_id causes improper control of resource identifiers. It i...

CVSS 7.5 | EPSS 0.00403
Exploits: 0 | References: 6

NVD
added 2026/03/08 1:15 a.m., 6 views

CVE-2026-3695

A vulnerability has been found in SourceCodester Modern Image Gallery App 1.0. Impacted is an unknown function of the file /delete.php. Such manipulation of the argument filename leads to path traversal. It is possible to launch the attack remotely. The exploit has been disclosed to the public an...

CVSS 6.9 | EPSS 0.00785
Exploits: 1 | References: 6

CVE
added 2026/03/08 12:32 a.m., 17 views

CVE-2026-3693

Shy2593666979 AgentChat (up to 2.3.0) contains a vulnerability in the User Endpoint: get_user_info/update_user_info in /src/backend/agentchat/api/v1/user.py, where manipulating the argument user_id causes improper control of resource identifiers. The issue can be exploited remotely and an exploit...

CVSS 7.5 | AI score 6.7 | EPSS 0.00403
Exploits: 0 | References: 6

EUVD
added 2026/03/08 12:31 a.m., 5 views

EUVD-2026-10191

A vulnerability was determined in Freedom Factory dGEN1 up to 20260221. Affected by this issue is the function FakeAppReceiver of the component org.ethosmobile.ethoslauncher. Executing a manipulation can lead to improper authorization. The attack needs to be launched locally. The exploit has been...

CVSS 5.3 | AI score 5.4 | EPSS 0.00103
Exploits: 0 | References: 5

Positive Technologies
added 2026/03/08 12:0 a.m., 7 views

PT-2026-23911

A vulnerability has been found in Wavlink NU516U1 251208. This vulnerability affects the function sub_405B2C of the file /cgi-bin/firewall.cgi of the component Incomplete Fix CVE-2025-10959. The manipulation leads to command injection. It is possible to initiate the attack remotely. The exploit h...

CVSS 8.8 | AI score 5.9 | EPSS 0.0661
Exploits: 2 | References: 7

Positive Technologies
added 2026/03/08 12:0 a.m., 7 views

PT-2026-23928

Name of the Vulnerable Software and Affected Versions: code-projects Simple Flight Ticket Booking System version 1.0. Description: A security flaw exists in code-projects Simple Flight Ticket Booking System version 1.0. The issue involves SQL injection, potentially allowing remote attackers to explo...

CVSS 9.8 | AI score 7 | EPSS 0.0037
Exploits: 1 | References: 13

Positive Technologies
added 2026/03/08 12:0 a.m., 5 views

PT-2026-23908

Name of the Vulnerable Software and Affected Versions: UTT HiPER 810G versions through 1.7.7-171114. Description: A buffer overflow issue exists in the strcpy function within the /goform/NTP file. Remote attackers can exploit this by manipulating the function, potentially leading to a compromise of...

CVSS 9 | AI score 7.5 | EPSS 0.00655
Exploits: 1 | References: 15

Packet Storm News
added 2026/03/08 12:0 a.m., 4 views

Learning the APT Kill Chain: Temporal Reasoning over Provenance Data for Attack Stage Estimation

Advanced Persistent Threats (APTs) evolve through multiple stages, each exhibiting distinct temporal and structural behaviors. Accurate stage estimation is critical for enabling adaptive cyber defense. This paper presents StageFinder, a temporal graph learning framework for multi-stage attack...

AI score 5.8
Exploits: 0

Positive Technologies
added 2026/03/08 12:0 a.m., 11 views

PT-2026-23981

A weakness has been identified in itsourcecode sanitize or validate this input 1.0. Affected is an unknown function of the file /admin/teacher-attendance.php. Executing a manipulation of the argument teacher id can lead to sql injection. The attack may be launched remotely. The exploit has been...

CVSS 6.5 | AI score 5.8 | EPSS 0.00265
Exploits: 1 | References: 6

Positive Technologies
added 2026/03/08 12:0 a.m., 6 views

PT-2026-23915

A vulnerability was determined in mkj Dropbear up to 2025.89. Impacted is the function unpackneg of the file src/curve25519.c of the component S Range Check. This manipulation causes improper verification of cryptographic signature. The attack can be initiated remotely. The attack is considered t...

CVSS 6.3 | AI score 5.3 | EPSS 0.00162
Exploits: 0 | References: 9

Packet Storm News
added 2026/03/08 12:0 a.m., 2 views

Energy-Time Attack on Detectors in Quantum Key Distribution

Quantum key distribution is unbreakable in theory but may be hacked via imperfections in its hardware implementations. While many imperfections have been mitigated by countermeasures and advanced security proofs, several remain unsolved. One of these is a superlinear behaviour in single-photon...

AI score 5.8
Exploits: 0

Positive Technologies
added 2026/03/08 12:0 a.m., 8 views

PT-2026-23935

Name of the Vulnerable Software and Affected Versions: itsourcecode Free Hotel Reservation System version 1.0. Description: A security flaw exists in itsourcecode Free Hotel Reservation System version 1.0. The issue involves a SQL injection impacting an unknown function within the file...

CVSS 9.8 | AI score 7 | EPSS 0.00357
Exploits: 1 | References: 17

EUVD
added 2026/03/07 9:33 p.m., 5 views

EUVD-2026-10187

A vulnerability was detected in Freedom Factory dGEN1 up to 20260221. Affected is an unknown function of the component com.dgen.alarm. Performing a manipulation results in improper authorization. The attack requires a local approach. The exploit is now public and may be used. The vendor was...

CVSS 5.3 | AI score 5.5 | EPSS 0.00105
Exploits: 0 | References: 5

CVE
added 2026/03/07 9:32 p.m., 19 views

CVE-2026-3672

JeecgBoot up to 3.9.1 contains a SQL injection flaw in isExistSqlInjectKeyword, located in /jeecg-boot/sys/api/getDictItems, allowing remote exploitation. The exploit has been disclosed publicly. No remediation details are provided in the supplied documents.

CVSS 6.5 | AI score 5.6 | EPSS 0.00192
Exploits: 0 | References: 4

Snyk
added 2026/03/07 8:3 p.m., 5 views

Remote Code Execution (RCE)

Overview: org.webjars.npm:simple-git is a lightweight interface for running git commands in any node.js application. Affected versions of this package are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for CVE-2022-25912 that blocks the -c option but not the equivalent --conf...

CVSS 9.8 | AI score 9.4 | EPSS 0.02784
Exploits: 2 | References: 2

NVD
added 2026/03/07 7:15 p.m., 6 views

CVE-2026-3670

A vulnerability was detected in Freedom Factory dGEN1 up to 20260221. Affected is an unknown function of the component com.dgen.alarm. Performing a manipulation results in improper authorization. The attack requires a local approach. The exploit is now public and may be used. The vendor was...

CVSS 5.3 | EPSS 0.00105
Exploits: 0 | References: 4