1260305 matches found
CVE-2024-23566
CVE-2024-23566 : Affects HCL Aftermarket EPC. The login/authentication mechanism is vulnerable due to lack of captcha, enabling brute-force and automated login attempts that could lead to account enumeration. CVSS 3.1 base score 6.5 (Medium): Network access, low impact to confidentiality/ integri...
CVE-2026-16016
A vulnerability was identified in poco-ai poco-claw up to 0.5.4. This issue affects the function runtask of the file executor/app/api/v1/task.py. The manipulation of the argument callbackurl leads to server-side request forgery. The attack is possible to be carried out remotely. The exploit is...
CVE-2024-23567
HCL Aftermarket EPC is affected by Sensitive Information in GET method & in URL which allows application to pass sensitive data via URL parameters during normal usage. Data passed in this manner can be exposed because it may end up stored in unintended locations, including server logs, local...
CVE-2026-13082
GD::SecurityImage versions through 1.75 for Perl use rand to generate secrets. The random method creates the challenge text used for the CAPTCHA by sampling characters from an array using Perl's built-in rand function, and generates a by default six-character string. The built-in rand function is...
CVE-2026-7488 Sensitive Data Exposure in IKAS Technologies' E-Commerce
Insertion of sensitive information into sent data vulnerability in IKAS Technology Inc. E-Commerce allows Retrieve Embedded Sensitive Data. This issue affects E-Commerce: through 03062026...
Important: Red Hat Security Advisory: kernel-rt security update
An update for kernel-rt is now available for Red Hat Enterprise Linux 7 Extended Lifecycle Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...
CVE-2026-7189
Insertion of sensitive information into sent data vulnerability in Proliz Software Ltd. Co. Proliz's OBS allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Proliz's OBS: before v3.6.0...
ROOT-APP-PYPI-CVE-2025-69223 CVE-2025-69223 in rootio-aiohttp - Patched by Root
Root has patched CVE-2025-69223 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2025-69229 CVE-2025-69229 in rootio-aiohttp - Patched by Root
Root has patched CVE-2025-69229 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
ROOT-APP-PYPI-CVE-2026-54275 CVE-2026-54275 in rootio-aiohttp - Patched by Root
Root has patched CVE-2026-54275 in the rootio-aiohttp package for Root:PyPI. Multiple fixed versions available...
CVE-2026-8396
CVE-2026-8396 is an XML external entity (XXE) vulnerability in NetGIS from Netcad Software Inc. The issue arises from an improper restriction of XML external entity references, enabling Serialized Data External Linking. Affected products/versions: NetGIS 5.0.66 through before 7.2.2 (i.e., 5.0.66 ...
CVE-2026-8396 XXE in Netcad's NetGIS
Improper restriction of XML external entity reference vulnerability in Netcad Software Inc. NetGIS allows Serialized Data External Linking. This issue affects NetGIS: from 5.0.66 before 7.2.2...
ROOT-OS-DEBIAN-11-CVE-2026-42216 CVE-2026-42216 in rootio-openexr - Patched by Root
Root has patched CVE-2026-42216 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-11-CVE-2026-27622 CVE-2026-27622 in rootio-openexr - Patched by Root
Root has patched CVE-2026-27622 in the rootio-openexr package for Root:Debian:11. Multiple fixed versions available...
ROOT-OS-DEBIAN-13-CVE-2025-12840 CVE-2025-12840 in rootio-openexr - Patched by Root
Root has patched CVE-2025-12840 in the rootio-openexr package for Root:Debian:13. Multiple fixed versions available...
CVE-2026-16013
CVE-2026-16013 affects liftoff-sr CIPster; vulnerable is the function CipAppPath::deserialize_symbolic in source/src/cip/cipepath.cc. The issue enables an out-of-bounds read and may be exploitable remotely. Public disclosure of the exploit is noted. There are no version details due to the rolling...
CVE-2026-16013 liftoff-sr CIPster cipepath.cc deserialize_symbolic out-of-bounds
A vulnerability has been found in liftoff-sr CIPster up to 632336d414ef708a542377c1aa8d6fdb7c70a760. Affected by this issue is the function CipAppPath::deserializesymbolic of the file source/src/cip/cipepath.cc. Such manipulation leads to out-of-bounds read. The attack may be launched remotely. T...
CVE-2026-59695
Improper Validation of Specified Quantity in Input in ZenHive mpp allows an unauthenticated remote client to drain the fee-payer wallet in a single request by naming an arbitrarily high gas price. When the mpp Elixir library is configured as fee payer feepayer: true,...
CVE-2026-16009
The provided Connected documents identify CVE-2026-16009 in itsourcecode Hospital Management System 1.0. Affected is an unknown function in /prescriptionorderdetail.php where manipulating the delid argument invokes SQL injection. The vulnerability can be exploited remotely, and public exploits ar...
CVE-2023-46849
creationtimestamp| type| source ---|---|--- 2026-07-17 11:00:06+00:00| seen| https://t.me/cyberwarehouse/177 2026-07-18 00:00:28+00:00| seen| https://t.me/cyberwarehouse/177...