Lucene search
+L

1035 matches found

EUVD
EUVD
added 2 days ago11 views

EUVD-2026-44837

A flaw has been found in H3C SecPath F1000-C8300 up to 20260522. This impacts an unknown function of the file /webui/?g=logfwnbcmailjsondata. Executing a manipulation of the argument subject can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be...

7.5CVSS6.7AI score0.00254EPSS
Exploits0References6
Cvelist
Cvelist
added 5 days ago35 views

CVE-2026-15526 augmnt augments-mcp-server scan_project_deps scan-project-deps.ts scanProjectDeps path traversal

A flaw has been found in augmnt augments-mcp-server 7.1.0. This issue affects the function scanProjectDeps of the file src/tools/v4/scan-project-deps.ts of the component scanprojectdeps. Executing a manipulation of the argument packageJsonPath can lead to path traversal. The attack can only be...

4.8CVSS0.00137EPSS
Exploits0References6
NVD
NVD
added 5 days ago6 views

CVE-2026-15517

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx. This manipulation of the argument httpOID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be...

7.5CVSS0.00254EPSS
Exploits0References5
Cvelist
Cvelist
added 5 days ago38 views

CVE-2026-15517 Jinher OA PlanGiveOut.aspx sql injection

A flaw has been found in Jinher OA 1.0. The affected element is an unknown function of the file /C6/JHSoft.Web.PlanSummarize/PlanGiveOut.aspx. This manipulation of the argument httpOID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be...

7.5CVSS0.00254EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/10 3:0 p.m.9 views

EUVD-2026-42923

A flaw has been found in Eleveo Call Recording Software 9.7.0. This affects an unknown function of the file /callrec/roleAddAction.do of the component Group Interface. Executing a manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been...

6.5CVSS6.3AI score0.00256EPSS
Exploits0References5
NVD
NVD
added 2026/07/09 10:17 p.m.8 views

CVE-2026-15276

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been published and may be used. The pull request to fix this...

4.8CVSS0.0012EPSS
Exploits0References7
OSV
OSV
added 2026/07/09 10:17 p.m.4 views

UBUNTU-CVE-2026-15276

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been published and may be used. The pull request to fix this...

4.8CVSS5.5AI score0.0012EPSS
Exploits0References9
ATTACKERKB
ATTACKERKB
added 2026/07/09 10:0 p.m.5 views

CVE-2026-15276

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been published and may be used. The pull request to fix this...

4.8CVSS5.3AI score0.0012EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2026/07/09 10:0 p.m.12 views

CVE-2026-15276

Symphonia (pdeljanov) up to version 0.6.0 exposes a denial-of-service vulnerability in the Metadata Handler. The issue affects unknown code paths; exploitation requires local access and a publicly published exploit exists. A fix is in a pull request but has not yet been accepted. The advisory not...

4.8CVSS5.3AI score0.0012EPSS
Exploits0References7
OSV
OSV
added 2026/07/09 10:0 p.m.3 views

CVE-2026-15276 pdeljanov Symphonia Metadata denial of service

A flaw has been found in pdeljanov Symphonia up to 0.6.0. This vulnerability affects unknown code of the component Metadata Handler. This manipulation causes denial of service. The attack needs to be launched locally. The exploit has been published and may be used. The pull request to fix this...

4.8CVSS5.5AI score0.0012EPSS
Exploits0References9
EUVD
EUVD
added 2026/07/09 12:31 a.m.9 views

EUVD-2026-42468

A flaw has been found in davenardella snap7 up to 1.4.3. This affects the function TS7Worker::PerformFunctionRead of the file src/core/s7server.cpp of the component ReadVar Request Handler. This manipulation causes deserialization. The attack requires access to the local network. The exploit has...

6.3CVSS5.5AI score0.00285EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2026/07/09 12:0 a.m.9 views

PT-2026-56991

Name of the Vulnerable Software and Affected Versions pdeljanov Symphonia versions prior to 0.6.1 Description A flaw in the Metadata Handler component allows a local attacker to cause a denial of service. Recommendations At the moment, there is no information about a newer version that contains a...

4.8CVSS6.1AI score0.0012EPSS
Exploits0References10
OSV
OSV
added 2026/07/06 3:16 a.m.5 views

UBUNTU-CVE-2026-14790

A flaw has been found in GPAC 26.02.0. This affects the function nhmldumpsendframe of the file src/filters/writenhml.c of the component Media File Handler. Executing a manipulation can lead to null pointer dereference. The attack requires local access. The exploit has been published and may be...

4.8CVSS5.5AI score0.00115EPSS
Exploits0References9
NVD
NVD
added 2026/07/05 10:16 a.m.8 views

CVE-2026-14734

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editproduct.php. This manipulation of the argument ID causes sql injection. Remote exploitation of the attack is possible. The exploit has been published and may be used...

7.5CVSS0.00412EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 5:16 a.m.11 views

CVE-2026-14702

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS0.00108EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/07/05 4:0 a.m.8 views

CVE-2026-14702

A flaw has been found in zcaceres markdownify-mcp up to 1.1.0. This impacts the function saveToTempFile of the file src/Markdownify.ts of the component webpage-to-markdown/youtube-to-markdown/bing-search-to-markdown. This manipulation causes insufficiently random values. The attack is restricted ...

2.5CVSS5.2AI score0.00108EPSS
Exploits0References7Affected Software1
OSV
OSV
added 2026/07/05 12:17 a.m.4 views

DEBIAN-CVE-2026-14684

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...

4.8CVSS5.7AI score0.0012EPSS
Exploits0References1
NVD
NVD
added 2026/07/05 12:17 a.m.10 views

CVE-2026-14684

A flaw has been found in HdrHistogram up to 2.2.2. This affects the function org.HdrHistogram.AbstractHistogram.decodeFromByteBuffer of the file src/main/java/org/HdrHistogram/AbstractHistogram.java. This manipulation of the argument numberOfSignificantValueDigits causes uncontrolled memory...

4.8CVSS0.0012EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.12 views

PT-2026-55800

Name of the Vulnerable Software and Affected Versions code-projects Hotel and Tourism Reservation version 1.0 Description A remote SQL injection flaw exists in the /admin/add room.php endpoint. The issue occurs when manipulating the delete image, edit, description, number, price, rooms, or type...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/07/05 12:0 a.m.12 views

PT-2026-55823

Name of the Vulnerable Software and Affected Versions SourceCodester Class and Exam Timetabling System version 1.0 Description An issue exists in the /edit exam1.php file where a manipulation of the ID argument can lead to SQL injection, a technique used to interfere with the queries that an...

7.5CVSS7.2AI score0.00269EPSS
Exploits0References8
Rows per page
Query Builder