986 matches found
CVE-2026-3386
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wrencompiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...
EUVD-2026-9121
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wrencompiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...
EUVD-2026-9114
A flaw has been found in Tenda F453 1.0.0.3. This affects the function fromqossetting of the file /goform/qossetting. Executing a manipulation of the argument qos can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used...
PT-2026-22508
A flaw has been found in wren-lang wren up to 0.4.0. Affected by this vulnerability is the function emitOp of the file src/vm/wren compiler.c. This manipulation causes out-of-bounds read. It is possible to launch the attack on the local host. The exploit has been published and may be used. The...
CVE-2026-3194
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function sendtransaction/getprivatekey of the component RPC Server Master Passphrase Handler. This manipulation causes missing authentication. The attack can only be executed locally. The attack's complexity is rated as...
CVE-2026-3269 psi-probe PSI Probe Session ExpireSessionsController.java handleRequestInternal denial of service
A flaw has been found in psi-probe PSI Probe up to 5.3.0. The impacted element is the function handleRequestInternal of the file psi-probe-core/src/main/java/psiprobe/controllers/sessions/ExpireSessionsController.java of the component Session Handler. Executing a manipulation can lead to denial o...
CVE-2026-3152
A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacherid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published a...
CVE-2026-3194
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function sendtransaction/getprivatekey of the component RPC Server Master Passphrase Handler. This manipulation causes missing authentication. The attack can only be executed locally. The attack's complexity is rated as...
CVE-2026-3194 Chia Blockchain RPC Server Master Passphrase get_private_key missing authentication
A flaw has been found in Chia Blockchain 2.1.0. The affected element is the function sendtransaction/getprivatekey of the component RPC Server Master Passphrase Handler. This manipulation causes missing authentication. The attack can only be executed locally. The attack's complexity is rated as...
CVE-2026-3171
A flaw has been found in SourceCodester/Patrick Mvuma Patients Waiting Area Queue Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /queue.php. This manipulation of the argument firstname/lastname causes cross site scripting. The attack is possible to b...
CVE-2026-3152
A flaw has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/teacher-salary.php. This manipulation of the argument teacherid causes sql injection. It is possible to initiate the attack remotely. The exploit has been published a...
CVE-2026-3152
The CVE-2026-3152 entry concerns itsourcecode College Management System 1.0. A vulnerability in the /admin/teacher-salary.php handling of the teacher_id parameter enables SQL injection. The flaw is exploitable remotely, and public exploits have been published. Multiple sources corroborate affecte...
PT-2026-21969
Name of the Vulnerable Software and Affected Versions Chia Blockchain version 2.1.0 Description A security issue exists in Chia Blockchain version 2.1.0 related to missing authentication within the RPC Server Master Passphrase Handler component. Specifically, the send transaction/get private key...
CVE-2026-3043
A flaw has been found in itsourcecode Event Management System 1.0. The impacted element is an unknown function of the file /admin/navbar.php. Executing a manipulation of the argument page can lead to cross site scripting. The attack may be performed from remote. The exploit has been published and...
CVE-2026-2979
A flaw has been found in FastApiAdmin up to 2.2.0. This issue affects the function useravataruploadcontroller of the file /backend/app/api/v1/modulesystem/user/controller.py of the component Scheduled Task API. Executing a manipulation can lead to unrestricted upload. The attack can be launched...
CVE-2026-2926
A flaw has been found in D-Link DWR-M960 1.01.07. This affects the function sub4237AC of the file /boafrm/formLteSetup of the component LTE Configuration Endpoint. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be launched remotely. The...
CVE-2026-2960
The CVE-2026-2960 affects D-Link DWR-M960 firmware 1.01.07. A flaw in the /boafrm/formDhcpv6s module’s sub_468D64 function allows manipulation of the submit-url to cause a stack-based buffer overflow, enabling remote access. Exploit details have been published and may be used. Remediation recomme...
PT-2026-21556
Name of the Vulnerable Software and Affected Versions ShuoRen Smart Heating Integrated Management Platform version 1.0.0 Description A flaw exists in ShuoRen Smart Heating Integrated Management Platform version 1.0.0, related to an unknown functionality within the file...
CVE-2026-2952
A flaw has been found in Vaelsys 4.1.0. This vulnerability affects unknown code of the file /tree/treeserver.php of the component HTTP POST Request Handler. This manipulation of the argument xajaxargs causes os command injection. The attack is possible to be carried out remotely. The exploit has...
CVE-2026-2910
A flaw has been found in Tenda HG9 300001138. This vulnerability affects unknown code of the file /boaform/formPing6. Executing a manipulation of the argument pingAddr can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...