530 matches found
CVE-2026-56667
ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL Login V2 OIDC and SAML FailedPrecondition error paths return loginSettings.defaultRedirectUri to router.push without applying the isSafeRedirectUri check, allowing an organization or instance administrator to store a...
CVE-2026-56668 ZITADEL: Unauthorized Token Privilege Escalation in OAuth2 Token Exchange
ZITADEL is an open source identity management platform. Prior to 4.15.3, ZITADEL's OAuth2 Token Exchange endpoint for urn:ietf:params:oauth:grant-type:token-exchange does not verify that the subject token belongs to the requesting client or that requested scopes remain within the original token's...
CVE-2026-56664
ZITADEL’s external JWT Identity Provider validation (internal/idp/providers/jwt/session.go) did not enforce maximum token age (missing iat) in tokens, allowing arbitrarily old tokens from a trusted issuer to pass authentication. Affected: ZITADEL core platform; vulnerable code path in the JWT IdP...
EUVD-2026-42537
The User Frontend: AI Powered Frontend Posting, User Directory, Profile, Membership & User Registration plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.3.7. This is due to the plugin not properly verifying that a user is authorized to perform an...
CVE-2025-15668
A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...
CVE-2025-15668
GPAC MP4Box contains a heap-based overflow in sgpd_del_entry (src/isomedia/box_code_base.c). Local access is required. The exploit is publicly available; a patch is identified as f29f955f2a3b5e8e507caad3e52319f961bf37bf. Affected version range is GPAC up to b40ce70f5. Remediation is to apply the ...
CVE-2025-15668 GPAC MP4Box box_code_base.c sgpd_del_entry heap-based overflow
A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...
PT-2026-52327
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the network PHY subsystem where the sfp bus del upstream function is not called during a probe failure path. This results in the sfp-bus retaining a dangling upstream...
CVE-2026-52949
In the Linux kernel, the following vulnerability has been resolved: drm/ttm: Fix ttmboshrink infinite LRU walk on backup failure Apply the same fix as b2ed01e7ad "drm/ttm: Fix ttmboswapout infinite LRU walk on swapout failure" to the ttmboshrink path. Move delbulkmove from before the backup to...
CVE-2026-52949
In CVE-2026-52949, the Linux kernel DRM/TTM component ttm_bo_shrink() was fixed to prevent an infinite LRU walk on backup failure. The patch mirrors the prior ttm_bo_swapout() fix: move del_bulk_move from before the backup to after success, and switch to using ttm_resource_del_bulk_move_unevictab...
PT-2026-51843
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the drm/ttm component where a backup failure can lead to an infinite LRU Least Recently Used walk within the ttm bo shrink function. This occurs because the del bulk...
CVE-2026-36800
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a buffer overflow in the IPMacBindIndex parameter of the formIPMacBindDel function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2026-11533
A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...
EUVD-2026-35414
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: use listdelrcu for netlink hooks nftnetdevunregisterhooks and nftunregisterflowtablenethooks need to use listdelrcu, this list can be walked by concurrent dumpers. Add a new helper and use it consistently...
PT-2026-47761
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the netfilter nf tables component where the functions nft netdev unregister hooks and nft unregister flowtable net hooks fail to use list del rcu. This is problematic...
CVE-2026-11533
A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...
EUVD-2026-35130
A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...
CVE-2026-11533
A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...
CVE-2026-11533
The CVE-2026-11533 entry concerns imvks786 student_management_system (up to commit 9599b560ad3c3b83e75d328b76bedcd489ef1f46). A vulnerability in the file /see.php of the Student Deletion Endpoint allows manipulation of the del parameter to bypass authorization, with remote exploitation possible. ...
CVE-2026-11533 imvks786 student_management_system Student Deletion Endpoint see.php improper authorization
A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...