Lucene search
K

192484 matches found

Cvelist
Cvelist
added 2026/02/06 12:2 p.m.30 views

CVE-2026-2018 itsourcecode School Management System controller.php sql injection

A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used...

7.5CVSS0.00326EPSS
Exploits1References5
CVE
CVE
added 2026/02/06 9:2 a.m.14 views

CVE-2026-2012

The CVE-2026-2012 vulnerability affects itsourcecode Student Management System 1.0. The flaw is a SQL injection caused by manipulation of the ID argument in /ramonsys/facultyloading/index.php, enabling remote exploitation. Public disclosures exist for the exploit. Remediation guidance across sour...

9.8CVSS7.2AI score0.00326EPSS
Exploits1References5Affected Software1
The Hacker News
The Hacker News
added 2026/02/06 8:40 a.m.9 views

Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware

Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index PyPI repository have been compromised to push malicious versions to facilitate wallet credential theft and remote code execution. The compromised versions of the tw...

6.7AI score
Exploits0
GithubExploit
GithubExploit
added 2026/02/06 7:40 a.m.141 views

davids-xss-attack-defense

XSS Attack & Defense EXPERIMENT 1: Stored XSS Attack aler...

5.2AI score
Exploits0
CVE
CVE
added 2026/02/06 7:32 a.m.11 views

CVE-2026-2009

The vulnerability CVE-2026-2009 affects SourceCodester Gas Agency Management System 1.0. It targets the file /gasmark/php_action/createUser.php, where improper access controls allow manipulation that enables unauthorized account creation. Exploitation appears remote and an exploit has been publis...

6.5CVSS6.3AI score0.00254EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/02/06 6:15 a.m.10 views

CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

5.5CVSS0.0018EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/02/06 6:2 a.m.5 views

CVE-2026-1998

A flaw has been found in micropython up to 1.27.0. This vulnerability affects the function mpimportall of the file py/runtime.c. This manipulation causes memory corruption. The attack needs to be launched locally. The exploit has been published and may be used. Patch name:...

4.8CVSS4.9AI score0.00203EPSS
Exploits1References8
EUVD
EUVD
added 2026/02/06 5:32 a.m.7 views

EUVD-2026-5585

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

4.8CVSS4.4AI score0.0018EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/02/06 5:32 a.m.8 views

CVE-2026-1991

A vulnerability was detected in libuvc up to 0.0.7. Affected is the function uvcscanstreaming of the file src/device.c of the component UVC Descriptor Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit is now public and may be use...

4.8CVSS4.9AI score0.0018EPSS
Exploits1References6
Snyk
Snyk
added 2026/02/06 2:47 a.m.7 views

Improper Resource Shutdown or Release

Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release via the ResolveNodeIdToIp function in the SMF component. An attacker can cause a service disruption by sending specially crafted requests remotely. Remediation Upgrade...

7.5CVSS6.1AI score0.00499EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/02/06 2:32 a.m.4 views

CVE-2026-1975 Free5GC pfcp_reports.go identityTriggerType null pointer dereference

A security flaw has been discovered in Free5GC up to 4.1.0. This impacts the function identityTriggerType of the file pfcpreports.go. The manipulation results in null pointer dereference. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...

6.9CVSS5.1AI score0.00526EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/02/06 1:26 a.m.6 views

CVE-2026-1892

A security vulnerability has been detected in WeKan up to 8.20. This affects the function setBoardOrgs of the file models/boards.js of the component REST API. Such manipulation of the argument item.cardId/item.checklistId/card.boardId leads to improper authorization. The attack may be launched...

5CVSS5AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.7 views

CVE-2025-68643

Axigen Mail Server before 10.5.57 allows stored Cross-Site Scripting XSS in the handling of the timeFormat account preference parameter. Attackers can exploit this by deploying a multi-stage attack. In the first stage, a malicious JavaScript payload is injected into the timeFormat preference by...

5.4CVSS5.4AI score0.00177EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.6 views

CVE-2026-1884

A weakness has been identified in ZenTao up to 21.7.6-85642. The impacted element is the function fetchHook of the file module/webhook/model.php of the component Webhook Module. This manipulation causes server-side request forgery. The attack may be initiated remotely. The exploit has been made...

5.8CVSS4.9AI score0.00381EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.6 views

CVE-2023-38010

IBM Cloud Pak System displays sensitive information in user messages that could aid in further attacks against the system...

7.5CVSS5.2AI score0.00292EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.6 views

CVE-2026-1897

A vulnerability was found in WeKan up to 8.20. Affected by this issue is some unknown functionality of the file server/methods/positionHistory.js of the component Position-History Tracking. The manipulation results in missing authorization. The attack may be performed from remote. Upgrading to...

5.3CVSS4.6AI score0.003EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/06 1:25 a.m.6 views

CVE-2026-1898

A vulnerability was determined in WeKan up to 8.20. This affects an unknown part of the file packages/wekan-ldap/server/syncUser.js of the component LDAP User Sync. This manipulation causes improper access controls. It is possible to initiate the attack remotely. Upgrading to version 8.21 is able...

6.5CVSS6.1AI score0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/06 1:2 a.m.31 views

CVE-2026-1972 Edimax BR-6208AC auth_check_userpass2 default credentials

A vulnerability was found in Edimax BR-6208AC 21.02. The affected element is the function authcheckuserpass2. Performing a manipulation of the argument Username/Password results in use of default credentials. The attack may be initiated remotely. The exploit has been made public and could be used...

6.9CVSS0.00598EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/02/06 12:0 a.m.4 views

Atlassian Jira Service Management Data Center and Server 10.3.0 < 10.3.13 / 11.0.x < 11.2.1 / 11.3.0 (JSDSERVER-16480)

The version of Atlassian Jira Service Management Data Center and Server Jira Service Desk running on the remote host is affected by a vulnerability as referenced in the JSDSERVER-16480 advisory. - Axios is a promise based HTTP client for the browser and Node.js. When Axios prior to versions 0.30....

7.5CVSS5.9AI score0.01099EPSS
Exploits1References2
Packet Storm News
Packet Storm News
added 2026/02/06 12:0 a.m.6 views

Next-Generation Cyberattack Detection with Large Language Models: Anomaly Analysis across Heterogeneous Logs

This project explores large language models LLMs for anomaly detection across heterogeneous log sources. Traditional intrusion detection systems suffer from high false positive rates, semantic blindness, and data scarcity, as logs are inherently sensitive, making clean datasets rare. We address...

5.5AI score
Exploits0
Rows per page
Query Builder