220874 matches found
CVE-2026-9512 Totolink CA750-PoE Setting cstecgi.cgi setPasswordCfg os command injection
A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...
CVE-2026-9512
CVE-2026-9512 affects Totolink CA750-PoE (firmware 6.2c.510) in the Setting Handler’s /cgi-bin/cstecgi.cgi, where manipulating the admuser/admpass arguments enables an os command injection in the setPasswordCfg function. The issue is remotely exploitable and, per the metrics, has an in-the-wild p...
EUVD-2026-31760
A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...
CVE-2026-9503
A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...
CVE-2026-9502
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...
CVE-2026-9504
GNU LibreDWG (up to 0.14) is affected in the Dwggrep Utility, specifically the bit_convert_TU function in programs/dwggrep.c, which can trigger an out-of-bounds read. The issue requires local access to exploit and the public exploit is available. A patch be996bf2178a40e98720f18c2414815d244413db i...
CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference
A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...
EUVD-2026-31741
A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...
CVE-2026-9503
Summary: CVE-2026-9503 affects GNU LibreDWG up to v0.14, specifically the DWG File Handler’s dwg_next_entity function in src/decode.c. The issue is a null pointer dereference arising from the function’s handling of certain DWG entities, with exploitation requiring local access. The exploit has be...
CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference
A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...
CVE-2026-9502
Summary: CVE-2026-9502 affects GNU LibreDWG’s Dwgread Utility (up to 0.14). The issue is in decompress_R2004_section (src/decode.c), causing a heap-based buffer overflow. The attack is local and there is a publicly available exploit. A patch is identified by commit/id e501cb9926c1e9a07a0d1cc997f3...
CVE-2026-9502 GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section heap-based overflow
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...
CVE-2026-9502 GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section heap-based overflow
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...
EUVD-2026-31740
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...
EUVD-2026-31737
A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...
CVE-2026-9484
A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected by this vulnerability is the function getClassroomStudents/removeStudentFromClassroom of the file classroom.php. Executing a manipulation of the argument classroomid can lead to improper authorization...
CVE-2026-9500 GNU LibreDWG Dwgread Utility decode.c read_2004_compressed_section heap-based overflow
A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read2004compressedsection of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The explo...
EUVD-2026-31732
A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read2004compressedsection of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The explo...
CVE-2026-9486 SourceCodester Student Grades Management System cross-site request forgery
A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...
EUVD-2026-31726
A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...