Lucene search
K

545 matches found

NVD
NVD
added 2026/06/15 2:16 a.m.11 views

CVE-2026-12207

A security flaw has been discovered in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. Impacted is the function actionGetPatientById of the file app\modules\medical\port\rest\controllers\PatientController.php of the component HTTP REST API. The manipulation of the argument ID...

5.3CVSS0.00226EPSS
Exploits0References5
Debian CVE
Debian CVE
added 2026/04/01 11:15 p.m.4 views

CVE-2026-5315

A vulnerability was determined in Nothings stb up to 1.26. The affected element is the function stbttbufget8 in the library stbtruetype.h of the component TTF File Handler. Executing a manipulation can lead to out-of-bounds read. The attack can be executed remotely. The exploit has been publicly...

8.8CVSS4.7AI score0.00506EPSS
Exploits1
NVD
NVD
added 2026/02/03 3:16 p.m.5 views

CVE-2025-5319

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Emit Informatics and Communication Technologies Industry and Trade Ltd. Co. DIGITA Efficiency Management System allows SQL Injection. This issue affects DIGITA Efficiency Management System: through...

9.8CVSS0.00421EPSS
Exploits0References2
EUVD
EUVD
added 2026/02/03 8:22 a.m.4 views

EUVD-2025-206660

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Kod8 Software Technologies Trade Ltd. Co. Kod8 Individual and SME Website allows Reflected XSS.This issue affects Kod8 Individual and SME Website: through 03022026. NOTE: The vendor was...

7.6CVSS5.3AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:17 a.m.8 views

CVE-2025-1354

A cross-site scripting XSS vulnerability in the RT-N10E/ RT-N12E 2.0.0.x firmware . This vulnerability caused by improper input validation and can be triggered via the manipulation of the SSID argument in the sysinfo.asp file, leading to disclosure of sensitive information. Note: All versions of...

4.8CVSS3.5AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.7 views

CVE-2024-2497

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

7.2CVSS7.4AI score0.00907EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:13 a.m.7 views

CVE-2024-2817

A vulnerability, which was classified as problematic, has been found in Tenda AC15 15.03.05.18. Affected by this issue is the function fromSysToolRestoreSet of the file /goform/SysToolRestoreSet. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The exploi...

6.5CVSS6.7AI score0.00335EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:12 a.m.8 views

CVE-2024-2532

A vulnerability classified as critical was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/update-users.php. The manipulation of the argument id leads to sql injection. The attack can be launched...

8.8CVSS9AI score0.00514EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/01 9:32 p.m.3 views

CVE-2025-15414 go-sonic Theme Fetching API git_fetcher.go FetchTheme server-side request forgery

A flaw has been found in go-sonic sonic up to 1.1.4. The affected element is the function FetchTheme of the file service/theme/gitfetcher.go of the component Theme Fetching API. Executing a manipulation of the argument uri can lead to server-side request forgery. The attack may be launched...

5.8CVSS4.8AI score0.00223EPSS
Exploits0References5
NVD
NVD
added 2025/12/01 1:16 a.m.4 views

CVE-2025-13799

A vulnerability has been found in ADSLR NBR1005GPEV2 250814-r037c. This vulnerability affects the function apmacfilterdel of the file /sendorder.cgi. The manipulation of the argument mac leads to command injection. It is possible to initiate the attack remotely. The exploit has been disclosed to...

9.8CVSS0.08583EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2025/10/17 2:2 p.m.3 views

CVE-2025-11903

A flaw has been found in yanyutao0402 ChanCMS up to 3.3.2. Affected by this issue is the function update of the file /cms/article/update. Executing a manipulation of the argument cid can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used. Th...

7.2CVSS5.3AI score0.00575EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-44202

Malicious code in bioql PyPI...

5CVSS5.1AI score0.00428EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-16776

Malicious code in bioql PyPI...

8.8CVSS7.3AI score0.01485EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2024-33669

Malicious code in bioql PyPI...

6.9CVSS4.9AI score0.00367EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2025-16406

Malicious code in bioql PyPI...

4.8CVSS4.4AI score0.0015EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-59366

Malicious code in bioql PyPI...

8.8CVSS6.1AI score0.00546EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-59213

Malicious code in bioql PyPI...

9.8CVSS7AI score0.00695EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-57973

Malicious code in bioql PyPI...

9.8CVSS6.1AI score0.00668EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-58310

Malicious code in bioql PyPI...

9.8CVSS7AI score0.01032EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-32923

Malicious code in bioql PyPI...

9CVSS8.8AI score0.00991EPSS
Exploits1References5
Rows per page
Query Builder