192414 matches found

NVD
added 2026/02/06 8:16 p.m. | 8 views

CVE-2026-2065

A security flaw has been discovered in Flycatcher Toys smART Pixelator 2.0. Affected by this issue is some unknown functionality of the component Bluetooth Low Energy Interface. Performing a manipulation results in missing authentication. The attack can only be performed from the local network. T...

CVSS 8.8 | EPSS 0.00549
Exploits 0 | References 5

CVE
added 2026/02/06 8:2 p.m. | 12 views

CVE-2026-2065

The CVE-2026-2065 entry concerns Flycatcher Toys smART Pixelator 2.0, specifically the Bluetooth Low Energy Interface. The connected documents provide concrete details: a manipulation of the BLE interface leads to missing authentication, the attack is executable from the local network, and exploi...

CVSS 8.8 | AI score 5 | EPSS 0.00549
Exploits 0 | References 5 | Affected Software 1

OSV
added 2026/02/06 7:16 p.m. | 4 views

CVE-2026-2063

A security flaw has been discovered in D-Link DIR-823X 250416. This vulnerability affects unknown code of the file /goform/setacserver of the component Web Management Interface. The manipulation of the argument acserver results in os command injection. The attack can be launched remotely. The...

CVSS 7.2 | AI score 5.6 | EPSS 0.04016
Exploits 1 | References 5

OSV
added 2026/02/06 7:5 p.m. | 6 views

CVE-2026-25752 FUXA Unauthenticated Remote Arbitrary Device Tag Write

FUXA is a web-based Process Visualization SCADA/HMI/Dashboard software. An authorization bypass vulnerability in FUXA allows an unauthenticated, remote attacker to modify device tags via WebSockets. Exploitation allows an unauthenticated, remote attacker to bypass role-based access controls and...

CVSS 9.3 | AI score 5.5 | EPSS 0.00479
Exploits 0 | References 4

Github Security Blog
added 2026/02/06 6:10 p.m. | 11 views

Gogs user can update repository content with read-only permission

Vulnerability Description The endpoint PUT /repos/:owner/:repo/contents/ does not require write permissions and allows access with read permission only via repoAssignment. After passing the permission check, PutContents invokes UpdateRepoFile, which results in: Commit creation Execution of git pu...

CVSS 6.5 | AI score 5.8 | EPSS 0.00282
Exploits 0 | References 5 | Affected Software 1

EUVD
added 2026/02/06 5:32 p.m. | 8 views

EUVD-2026-5644

A vulnerability was found in code-projects Simple Blood Donor Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /simpleblooddonor/editcampaignform.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the...

CVSS 7.5 | AI score 7.1 | EPSS 0.00326
Exploits 1 | References 5

GithubExploit
added 2026/02/06 5:24 p.m. | 199 views

Exploit for CVE-2026-25050

CVE-2026-25050 – Authentication Timing Attack This repository...

CVSS 6.9 | AI score 5.5 | EPSS 0.00364
Exploits 1

EUVD
added 2026/02/06 4:41 p.m. | 7 views

EUVD-2019-19398

thejshen Globitek CMS 1.4 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'id' GET parameter. Attackers can exploit boolean-based, time-based, and UNION-based SQL injection techniques to potentially extract or modify database information...

CVSS 7.1 | AI score 5.7 | EPSS 0.00214
Exploits 0 | References 3

OSV
added 2026/02/06 3:57 p.m. | 5 views

OESA-2026-1309 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for authentication via modwsg...

CVSS 8.5 | AI score 6.9 | EPSS 0.09436
Exploits 2 | References 7

OSV
added 2026/02/06 3:57 p.m. | 8 views

OESA-2026-1308 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for authentication via modwsg...

CVSS 8.5 | AI score 6.9 | EPSS 0.09436
Exploits 2 | References 7

OSV
added 2026/02/06 3:57 p.m. | 6 views

OESA-2026-1307 python-django security update

A high-level Python Web framework that encourages rapid development and clean, pragmatic design. Security Fixes: An issue was discovered in Django versions before 6.0.2, before 5.2.11, and before 4.2.28. The django.contrib.auth.handlers.modwsgi.checkpassword function for authentication via modwsg...

CVSS 8.5 | AI score 6.9 | EPSS 0.09436
Exploits 2 | References 7

NVD
added 2026/02/06 1:15 p.m. | 12 views

CVE-2026-2054

A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the publi...

CVSS 7.5 | EPSS 0.00907
Exploits 1 | References 6

OSV
added 2026/02/06 1:15 p.m. | 5 views

CVE-2026-2054

A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the publi...

CVSS 7.5 | AI score 5.5 | EPSS 0.00907
Exploits 1 | References 6

Cvelist
added 2026/02/06 1:2 p.m. | 27 views

CVE-2026-2055 D-Link DIR-605L/DIR-619L DHCP Client Information information disclosure

A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made...

CVSS 6.9 | EPSS 0.00907
Exploits 1 | References 6

CVE
added 2026/02/06 1:2 p.m. | 11 views

CVE-2026-2055

D-Link DIR-605L/DIR-619L routers (versions 2.06B01 and 2.13B01) contain a weakness in the DHCP Client Information Handler. Manipulation of this component can lead to information disclosure. The attack is remote, and an exploit is publicly available. These products are no longer supported by the m...

CVSS 7.5 | AI score 5.6 | EPSS 0.00907
Exploits 1 | References 6 | Affected Software 1

Cvelist
added 2026/02/06 12:2 p.m. | 30 views

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

CVSS 7.5 | EPSS 0.00326
Exploits 1 | References 5

CVE
added 2026/02/06 9:2 a.m. | 14 views

CVE-2026-2012

The CVE-2026-2012 vulnerability affects itsourcecode Student Management System 1.0. The flaw is a SQL injection caused by manipulation of the ID argument in /ramonsys/facultyloading/index.php, enabling remote exploitation. Public disclosures exist for the exploit. Remediation guidance across sour...

CVSS 9.8 | AI score 7.2 | EPSS 0.00326
Exploits 1 | References 5 | Affected Software 1

The Hacker News
added 2026/02/06 8:40 a.m. | 9 views

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index PyPI repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the tw...

AI score 6.7
Exploits 0

GithubExploit
added 2026/02/06 7:40 a.m. | 140 views

davids-xss-attack-defense

XSS Attack & Defense EXPERIMENT 1: Stored XSS Attack aler...

AI score 5.2
Exploits 0

CVE
added 2026/02/06 7:32 a.m. | 11 views

CVE-2026-2009

The vulnerability CVE-2026-2009 affects SourceCodester Gas Agency Management System 1.0. It targets the file /gasmark/php_action/createUser.php, where improper access controls allow manipulation that enables unauthorized account creation. Exploitation appears remote and an exploit has been publis...

CVSS 6.5 | AI score 6.3 | EPSS 0.00254
Exploits 1 | References 5 | Affected Software 1