217 matches found
EUVD-2026-1940
Stored Cross-Site Scripting XSS vulnerability in WorkDo's eCommerceGo SaaS, consisting of a lack of proper validation of user input by sending a POST request to ‘/store-ticket’, using the ‘subject’ and ‘description’ parameters...
EUVD-2026-1900
A flaw has been found in Flycatcher Toys smART Sketcher up to 2.0. This affects an unknown part of the component Bluetooth Low Energy Interface. This manipulation causes missing authentication. The attack can only be done within the local network. The exploit has been published and may be used. T...
EUVD-2026-1709
A vulnerability was determined in guchengwuyue yshopmall up to 1.9.1. Affected is the function getPage of the file /api/jobs. This manipulation of the argument sort causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized. The project...
EUVD-2026-1807
Not used...
EUVD-2026-1563
An Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability allows local users ton perform arbitrary unmounts via smb4k mount helper...
EUVD-2026-1587
Not used...
EUVD-2026-1453
KAYSUS KS-WR3600 routers with firmware 1.0.5.9.1 mishandle configuration management. Once any user is logged in and maintains an active session, an attacker can directly query the backup endpoint and download a full configuration archive. This archive contains sensitive files such as /etc/shadow,...
EUVD-2026-1242
EUVD-2026-1242...
EUVD-2026-1204
OpenAirInterface CN5G AMF=v2.1.9 has a buffer overflow vulnerability in processing NAS messages. Unauthorized remote attackers can launch a denial-of-service attack and potentially execute malicious code by accessing port N1 and sending an imsi string longer than 1000 to AMF...
EUVD-2026-0994
Missing Authorization vulnerability in Tickera Tickera tickera-event-ticketing-system allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Tickera: from n/a through = 3.5.6.4...
EUVD-2026-1024
iDS6 DSSPro Digital Signage System 6.2 contains a sensitive information disclosure vulnerability that allows remote attackers to intercept authentication credentials through cleartext cookie transmission. Attackers can exploit the autoSave feature to capture user passwords during man-in-the-middl...
EUVD-2026-1001
Sony BRAVIA Digital Signage 1.7.8 contains a remote file inclusion vulnerability that allows attackers to inject arbitrary client-side scripts through the content material URL parameter. Attackers can exploit this vulnerability to hijack user sessions, execute cross-site scripting code, and modif...
EUVD-2026-0912
A vulnerability was found in bg5sbk MiniCMS up to 1.8. The impacted element is an unknown function of the file /minicms/mc-admin/post.php of the component Trash File Restore Handler. Performing a manipulation results in improper authentication. It is possible to initiate the attack remotely. The...
EUVD-2026-0789
EUVD-2026-0789...
EUVD-2026-0051
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0183
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0203
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0239
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0300
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0302
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...