54683 matches found
CVE-2025-15568
A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...
CVE-2025-70046
An issue pertaining to CWE-829: Inclusion of Functionality from Untrusted Control Sphere was discovered in Miazzy oa-front-service master...
CVE-2026-30910
Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZEMAX, which could lead to integer wraparound causing an undersized output buffer...
CVE-2026-3819
A vulnerability has been found in SourceCodester Resort Reservation System 1.0. The affected element is an unknown function of the file /?page=managereservation of the component Reservation Management Module. Such manipulation of the argument ID leads to cross site scripting. The attack may be...
CVE-2026-3720
A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...
TP-LINK Archer AXE75 安全漏洞
The TP-LINK Archer AXE75 is a wireless router produced by TP-LINK Corporation. The TP-LINK Archer AXE75 v1.6/v1.0 1.3.2 Build 20250107 and earlier versions have security vulnerabilities. These vulnerabilities stem from command injection in the web module, which may lead to remote code execution...
PT-2026-24082
Name of the Vulnerable Software and Affected Versions Archer AXE75 versions 1.0 through 1.3.2 Build 20250107 Description A command injection issue exists in the web module of the Archer AXE75 router. An authenticated attacker with adjacent-network access may be able to execute remote code RCE whe...
Huawei HarmonyOS Print Module Competitive Conditions Vulnerability (CNVD-2026-18800)
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS Printing Module, which can be exploited by an attacker to cause availability to be...
Huawei HarmonyOS Window Module Double Release Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A double-release vulnerability exists in the Huawei HarmonyOS window module, which can be exploited by an attacker to cause availability to be compromised...
PT-2026-24004
Name of the Vulnerable Software and Affected Versions Qi-ANXIN QAX Virus Removal versions prior to 2025-10-23 Description A weakness exists in Qi-ANXIN QAX Virus Removal. The issue is related to improper access controls that can be triggered by manipulating the ZwTerminateProcess function within...
Huawei HarmonyOS Device Security Management Module Competitive Conditions Vulnerability
Huawei HarmonyOS is an operating system from Huawei China. It provides a full-scenario distributed operating system based on a microkernel. A competitive condition vulnerability exists in the Huawei HarmonyOS device security management module, which can be exploited by an attacker to cause...
EUVD-2026-10249
A vulnerability was determined in SourceCodester Simple Responsive Tourism Website 1.0. Affected by this vulnerability is an unknown functionality of the file /tourism/classes/Login.php?f=login of the component Login. This manipulation of the argument Username causes sql injection. The attack may...
CVE-2026-3750
A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...
CVE-2026-3750 ContiNew Admin Storage Management S3ClientFactory.java URI.create server-side request forgery
A security vulnerability has been detected in ContiNew Admin up to 4.2.0. This issue affects the function URI.create of the file continew-system/src/main/java/top/continew/admin/system/factory/S3ClientFactory.java of the component Storage Management Module. The manipulation leads to server-side...
EUVD-2026-10225
A weakness has been identified in 1024-lab/lab1024 SmartAdmin up to 3.29. The affected element is an unknown function of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/helpdoc/domain/form/HelpDocAddForm.java of the component Help Documentation Module. This manipulation causes...
CVE-2026-3721
A weakness has been identified in 1024-lab/lab1024 SmartAdmin up to 3.29. The affected element is an unknown function of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/helpdoc/domain/form/HelpDocAddForm.java of the component Help Documentation Module. This manipulation causes...
CVE-2026-3721
A weakness has been identified in 1024-lab/lab1024 SmartAdmin up to 3.29. The affected element is an unknown function of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/helpdoc/domain/form/HelpDocAddForm.java of the component Help Documentation Module. This manipulation causes...
CVE-2026-3720
A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...
CVE-2026-3721
A weakness has been identified in 1024-lab/lab1024 SmartAdmin up to 3.29. The affected element is an unknown function of the file sa-base/src/main/java/net/lab1024/sa/base/module/support/helpdoc/domain/form/HelpDocAddForm.java of the component Help Documentation Module. This manipulation causes...
CVE-2026-3720
A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...