18993 matches found
CVE-2026-3287
A security flaw has been discovered in youlaitech youlai-mall 2.0.0. This affects the function listPagedSpuForApp of the file mall-pms/pms-boot/src/main/java/com/youlai/mall/pms/controller/app/SpuController.java of the component App-side Product Pagination Endpoint. Performing a manipulation of t...
CVE-2026-3286
A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...
CVE-2026-26682
An issue in fastCMS before v.0.1.6 allows a local attacker to execute arbitrary code via the PluginController.java component...
CVE-2026-3287
CVE-2026-3287 affects youlaitech youlai-mall 2.0.0, specifically the App-side Product Pagination Endpoint: SpuController.java, listPagedSpuForApp. The vulnerability arises from manipulating the sortField/sort parameters, enabling SQL injection. This is described as remotely exploitable with a pub...
CVE-2026-3286
The CVE-2026-3286 entry concerns itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The vulnerable component is the Image Save Endpoint, specifically the Save function in paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java. The issue arises from manipula...
CVE-2026-3286 itwanger paicoding Image Save Endpoint ImageRestController.java save server-side request forgery
A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...
CVE-2026-3286 itwanger paicoding Image Save Endpoint ImageRestController.java save server-side request forgery
A vulnerability was identified in itwanger paicoding 1.0.0/1.0.1/1.0.2/1.0.3. The impacted element is the function Save of the file paicoding-web/src/main/java/com/github/paicoding/forum/web/common/image/rest/ImageRestController.java of the component Image Save Endpoint. Such manipulation of the...
Improper Resource Shutdown or Release
Overview Affected versions of this package are vulnerable to Improper Resource Shutdown or Release in the handleRequestInternal function of the Session Handler component. An attacker can cause a service disruption by sending specially crafted requests remotely. Remediation There is no fixed versi...
CVE-2025-67860
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...
EUVD-2026-8941
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...
PSI Probe: Broken access control can lead to DoS
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...
GHSA-RX6W-2W6H-R346 PSI Probe: Broken access control can lead to DoS
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...
CVE-2026-3269
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...
CVE-2026-3269
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...
PT-2026-22312
Name of the Vulnerable Software and Affected Versions rubyipmi affected versions not specified Description A flaw exists in rubyipmi, a gem used in the Baseboard Management Controller BMC component of Red Hat Satellite. An authenticated attacker possessing host creation or update permissions can...
PT-2026-22411
Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.6.5 Description WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the adicionar tipo docs atendido.php script does not utilize the project’s central controller and lacks appropriate...
CVE-2026-3269 psi-probe PSI Probe Session ExpireSessionsController.java handleRequestInternal denial of service
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...
CVE-2026-3269
PSI Probe
CVE-2026-3268 psi-probe PSI Probe Session Attribute RemoveSessAttributeController.java access control
A vulnerability was detected in psi-probe PSI Probe up to 5.3.0. The affected element is an unknown function of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/RemoveSessAttributeController.java of the component Session Attribute Handler. Performing a manipulation results in...
EUVD-2026-8915
Manyfold is an open source, self-hosted web application for managing a collection of 3d models, particularly focused on 3d printing. Prior to version 0.133.1, the getmodel method in ModelFilesController line 158-160 loads models using Model.findparamparams:modelid without policyscope, bypassing...