969 matches found
EUVD-2026-16271
Stirling-PDF is a locally hosted web application that allows you to perform various operations on PDF files. In version 2.7.3, the /api/v1/convert/eml/pdf endpoint with parameter downloadHtml=true returns unsanitized HTML from the email body with Content-Type: text/html. An attacker who sends a...
PT-2026-28600
Name of the Vulnerable Software and Affected Versions Stirling-PDF versions prior to 2.8.0 Description Stirling-PDF is a locally hosted web application designed for PDF file operations. The /api/v1/convert/eml/pdf API endpoint, when used with the downloadHtml=true parameter, returns unsanitized...
CVE-2026-34053
OpenEMR prior to version 8.0.0.3 has a missing authorization issue in the AJAX deletion endpoint at interface/forms/procedure_order/handle_deletions.php. This allows any authenticated user, regardless of role, to irreversibly delete procedure orders, answers, and specimens for any patient. Versio...
CVE-2026-33934
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 have a missing authorization check in portal/sign/lib/show-signature.php that allows any authenticated patient portal user to retrieve the drawn signature image of an...
CVE-2026-33917
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contais a SQL injection vulnerability in the ajaxsave CAMOS form that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input...
EUVD-2026-16016
OpenEMR is a free and open source electronic health records and medical practice management application. Versions up to and including 8.0.0.2 contain a SQL injection vulnerability in the patient selection feature that can be exploited by authenticated attackers. The vulnerability exists due to...
EUVD-2026-15565
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Theme-one The Grid the-grid allows Stored XSS.This issue affects The Grid: from n/a through 2.8.0...
CVE-2026-33720
n8n (open source workflow automation) has a vulnerability in pre-2.8.0 where setting N8N_SKIP_AUTH_ON_OAUTH_CALLBACK=true causes the OAuth callback to skip ownership verification of the OAuth state. An attacker can trick a victim into completing an OAuth flow for a credential the attacker control...
EUVD-2025-208954
Census CSWeb 8.0.1 allows "app/config" to be reachable via HTTP in some deployments. A remote, unauthenticated attacker could send requests to configuration files and obtain leaked secrets. Fixed in 8.1.0 alpha...
CVE-2026-33548 MantisBT has Stored HTML Injection / XSS when displaying Tags in Timeline
Mantis Bug Tracker MantisBT is an open source issue tracker. In version 2.28.0, improper escaping of tag names retrieved from History in Timeline myviewpage.php allows an attacker to inject HTML and, if CSP settings permit, achieve execution of arbitrary JavaScript, when displaying a tag that has...
EUVD-2026-13641
FileRise is a self-hosted web file manager / WebDAV server. In versions prior to 3.8.0, the WebDAV upload endpoint accepts any file extension including .phtml, .php5, .htaccess, and other server-side executable types, bypassing the filename validation enforced by the regular upload path. In...
CVE-2026-33025
AVideo versions before 8.0 are affected by a SQL injection in getSqlFromPost() in Object.php, where $_POST['sort'] keys are used directly as ORDER BY identifiers. Although real_escape_string() is applied, it only escapes string-context chars and does not protect SQL identifiers. The issue is fixe...
CVE-2026-33025 AVideo-Encoder is Vulnerable to Authenticated SQL Injection via ORDER BY Clause
AVideo is a video-sharing Platform. Versions prior to 8.0 contain a SQL Injection vulnerability in the getSqlFromPost method of Object.php. The $POST'sort' array keys are used directly as SQL column identifiers inside an ORDER BY clause. Although realescapestring was applied, it only escapes...
CVE-2026-33024 AVideo-Encoder has Unauthenticated Blind Server-Side Request Forgery via Public Thumbnail Generator
AVideo is a video-sharing Platform. Versions prior to 8.0 contain a Server-Side Request Forgery vulnerability CWE-918 in the public thumbnail endpoints getImage.php and getImageMP4.php. Both endpoints accept a base64Url GET parameter, base64-decode it, and pass the resulting URL to ffmpeg as an...
CVE-2026-25745
OpenEMR is a free and open source electronic health records and medical practice management application. In versions up to and including 8.0.0, the message/note update endpoint e.g. PUT or POST updates by message/note ID only and does not verify that the message belongs to the current patient or...
Access Control Bypass
Overview Affected versions of this package are vulnerable to Access Control Bypass in the proxy module due to blindly trusting ExternalIPs/LoadBalancer IPs. An attacker can redirect cluster-wide network traffic or disrupt DNS services by assigning arbitrary external IPs or loadBalancer IPs withou...
OpenEMR 安全漏洞
OpenEMR is a set of open-source medical management systems developed by the OpenEMR community. This system can be used for medical practice management, electronic medical records, prescription writing, and medical billing applications. OpenEMR versions 8.0.0 and earlier have security...
Linux Distros Unpatched Vulnerability : CVE-2025-69693
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder libavcodec/rv60dec.c. The quantization parameter qp validation at line 2267 only checks the lower...
EUVD-2025-208761
Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder libavcodec/rv60dec.c. The quantization parameter qp validation at line 2267 only checks the lower bound qp 0 but is missing upper bound validation. The qp value can reach 65 base value 63 from 6-bit frame header + offset +2 from...
UBUNTU-CVE-2025-69693
Out-of-bounds read in FFmpeg 8.0 and 8.0.1 RV60 video decoder libavcodec/rv60dec.c. The quantization parameter qp validation at line 2267 only checks the lower bound qp 0 but is missing upper bound validation. The qp value can reach 65 base value 63 from 6-bit frame header + offset +2 from...