57475 matches found
DEBIAN-CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
UBUNTU-CVE-2026-48687
FastNetMon Community Edition through 1.2.9 contains an OS command injection vulnerability in the Juniper router integration plugin. The log function in src/juniperplugin/fastnetmonjuniper.php lines 117-118 constructs shell commands by concatenating the $msg parameter directly into exec calls:...
CVE-2026-7568
A flaw was found in PHP. The metaphone function in ext/standard/metaphone.c uses a signed int variable to track the current position within the input string. When an input string is longer than 2,147,483,647 bytes, a signed integer overflow can occur, leading to undefined behavior and an...
UBUNTU-CVE-2026-9541
A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...
CVE-2026-9541
A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...
CVE-2026-9541 Squirrel Cnut File sqobject.cpp ReadObject heap-based overflow
A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...
EUVD-2026-31813
A security flaw has been discovered in Squirrel up to 3.2. Impacted is the function ReadObject of the file squirrel/sqobject.cpp of the component Cnut File Handler. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The exploit has been...
CVE-2026-44410 Function Abusement Vulnerability in ZTE ZXUniPOS NDS-LTE
This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...
Malicious code in react-ui-polyfills (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 63c43460df1ee670b8a5982d77e7028aef7df25fa38922f743489fd52b41b5ea Package advertises itself as React polyfills / UI compatibility helpers but ships no React or polyfill code. The exported getPlugin function returns ...
EUVD-2026-31793
Versions of the package pacote from 11.2.7 are vulnerable to Denial of Service DoS via the addGitSha function. An attacker can exploit this vulnerability by supplying a specially crafted spec.rawSpec value that triggers the function’s regex replacement and string-manipulation logic, causing...
CVE-2026-9496
CVE-2026-9496 affects the npm package pacote
curl: TLS conn reuse and session cache ignore fsslctx callback and ssl_config_data flags ( incomplete fix variant of 7541ae569 )
Summary matchsslprimaryconfig in lib/vtls/vtls.c:194 and the session-cache key built by cfsslpeerkeybuild in lib/vtls/vtlsscache.c:240 both compare only struct sslprimaryconfig fields when deciding whether to reuse a TLS connection or cached session. Several fields that materially change the TLS...
EUVD-2026-31783
A flaw has been found in xianrendzw EasyReport up to 2.0.17.0522Beta. Affected by this issue is the function execute of the component REST Endpoint. Executing a manipulation of the argument reportParams can lead to sql injection. The attack can be launched remotely. The vendor was contacted early...
CVE-2026-9518
A vulnerability was identified in hemant6488 CodeIgniter-StudentManagementSystem. The impacted element is the function addStudent of the file viewstudents.php of the component Students Controller. The manipulation of the argument Name leads to cross site scripting. The attack is possible to be...
CVE-2026-9518 hemant6488 CodeIgniter-StudentManagementSystem Students Controller view_students.php addStudent cross site scripting
A vulnerability was identified in hemant6488 CodeIgniter-StudentManagementSystem. The impacted element is the function addStudent of the file viewstudents.php of the component Students Controller. The manipulation of the argument Name leads to cross site scripting. The attack is possible to be...
CVE-2026-9518
A vulnerability was identified in hemant6488 CodeIgniter-StudentManagementSystem. The impacted element is the function addStudent of the file viewstudents.php of the component Students Controller. The manipulation of the argument Name leads to cross site scripting. The attack is possible to be...
Malicious code in fe-utils-core (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6181b15ad071542a35154cffc71bc4771db039f548eabfe4100271000e4e3116 The package's default-exported getPlugin function fetches https://svganchordev.net/icons/110 and passes the response's data.credits field to new...
CVE-2026-9517
A vulnerability was determined in hemant6488 CodeIgniter-StudentManagementSystem. The affected element is an unknown function of the file /index.php/students/addStudentView of the component Student Management Handler. Executing a manipulation can lead to improper access controls. The attack can b...
CVE-2026-9517
CVE-2026-9517 affects the hemant6488 CodeIgniter-StudentManagementSystem. The vulnerable element is an unknown function in the file /index.php/students/addStudentView of the Student Management Handler, where manipulation can lead to improper access controls. The issue is exploitable remotely and ...