CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10759 matches found

EUVD•added 2026/01/27 4:30 p.m.•5 views

EUVD-2026-4776

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion’ in ‘/evaluacionhcaevalua.aspx’, could allow an attacker ...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1

CVE•added 2026/01/27 4:30 p.m.•13 views

CVE-2026-1478

The CVE-2026-1478 issue concerns the Performance Evaluation (EDD) application from Gabinete Técnico de Programación. It describes an out-of-band SQL injection (OOB SQLi) in the API endpoints, specifically in the parameters Id_usuario and Id_evaluacion of /evaluacion_hca_evalua.aspx. The vulnerabi...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1Affected Software1

ATTACKERKB•added 2026/01/27 4:30 p.m.•4 views

CVE-2026-1477

9.3CVSS5.8AI score0.00327EPSS

Exploits0References2

Cvelist•added 2026/01/27 4:30 p.m.•19 views

CVE-2026-1477 Out-of-band SQL injection in Quatuor Performance Evaluation

9.3CVSS0.00327EPSS

Exploits0References1

CVE•added 2026/01/27 4:30 p.m.•12 views

CVE-2026-1477

CVE-2026-1477 affects the Performance Evaluation (EDD) application by Gabinete Técnico de Programación. Affected component: API endpoints handling the parameters in the old evaluation page (/evaluacion_competencias_evalua_old.aspx), specifically Id_usuario and Id_evaluacion. Root cause: out-of-ba...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1Affected Software1

EUVD•added 2026/01/27 4:30 p.m.•4 views

EUVD-2026-4749

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1

EUVD•added 2026/01/27 4:29 p.m.•4 views

EUVD-2026-4748

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' in ‘/evaluacionaccionesverauto.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1

Cvelist•added 2026/01/27 4:28 p.m.•21 views

CVE-2026-1475 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Idusuario' in ‘/evaluacionaccionesevalua.aspx’, could allow an attacker to extract...

9.3CVSS0.00327EPSS

Exploits0References1

Vulnrichment•added 2026/01/27 4:28 p.m.•2 views

CVE-2026-1475 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Idusuario' in ‘/evaluacionaccionesevalua.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1

EUVD•added 2026/01/27 4:27 p.m.•3 views

EUVD-2026-4746

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario' and 'Idevaluacion' en ‘/evaluacioninicio.aspx’, could allow an attacker to...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1

CVE•added 2026/01/27 4:27 p.m.•8 views

CVE-2026-1474

CVE-2026-1474 describes an out-of-band SQL injection in the Performance Evaluation (EDD) application by Gabinete Técnico de Programación. The vulnerability affects the /evaluacion_inicio.aspx endpoint, where the parameters Id_usuario and Id_evaluacion can be exploited to extract data from the dat...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References1Affected Software1

Cvelist•added 2026/01/27 4:27 p.m.•24 views

CVE-2026-1473 Out-of-band SQL injection in Quatuor Performance Evaluation

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter 'Idusuario’ in '/evaluacioncompetenciasevalua.aspx', could allow an attacker to extract...

9.3CVSS0.00321EPSS

Exploits0References1

OSV•added 2026/01/27 10:41 a.m.•3 views

CLSA-2026-1769510460 python3: Fix of CVE-2025-12084

CVE-2025-12084: optimize clearidcache function for faster performance when building nested elements with xml.dom.minidom methods like appendChild...

6.3CVSS7.1AI score0.00696EPSS

Exploits0References1

Positive Technologies•added 2026/01/27 12:0 a.m.•6 views

PT-2026-4976

Name of the Vulnerable Software and Affected Versions Performance Evaluation EDD application versions affected versions not specified Description An out-of-band SQL injection flaw exists in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploitation of...

9.3CVSS5.9AI score0.00327EPSS

Exploits0References5

Positive Technologies•added 2026/01/27 12:0 a.m.•2 views

PT-2026-4972

An out-of-band SQL injection vulnerability OOB SQLi has been detected in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Id usuario' in ‘/evaluacion acciones evalua.aspx’, could allow an attacker to extract...

9.3CVSS5.8AI score0.00327EPSS

Exploits0References2

Positive Technologies•added 2026/01/27 12:0 a.m.•2 views

PT-2026-4969

Name of the Vulnerable Software and Affected Versions Performance Evaluation EDD application versions affected versions not specified Description An out-of-band SQL injection vulnerability OOB SQLi exists in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación...

9.3CVSS5.5AI score0.00327EPSS

Exploits0References4

Positive Technologies•added 2026/01/27 12:0 a.m.•4 views

PT-2026-4974

Name of the Vulnerable Software and Affected Versions Performance Evaluation EDD application affected versions not specified Description An out-of-band SQL injection flaw exists in the Performance Evaluation EDD application developed by Gabinete Técnico de Programación. Exploitation of this flaw...

9.3CVSS5.9AI score0.00327EPSS

Exploits0References4

Positive Technologies•added 2026/01/27 12:0 a.m.•5 views

PT-2026-4970

9.3CVSS5.5AI score0.00321EPSS

Exploits0References4

Broadcom•added 2026/01/27 12:0 a.m.•11 views

The allocate_structures function insufficiently checks bounds before arithmetic multiplication

sysstat is a set of system performance tools for the Linux operating system. On 32 bit systems, in versions 9.1.16 and newer but prior to 12.7.1, allocatestructures contains a sizet overflow in sacommon.c. The allocatestructures function insufficiently checks bounds before arithmetic...

7.8CVSS6AI score0.01096EPSS

Exploits1

CNNVD•added 2026/01/27 12:0 a.m.•8 views

Suricata security vulnerabilities

Suricata is a network IDS, IPS, and NSM engine developed by the Open Information Security Foundation. Versions of Suricata prior to 8.0.3 and 7.0.14 contained security vulnerabilities. These vulnerabilities were due to inefficient processing of xff, which could lead to significant performance...

5.3CVSS5.8AI score0.00312EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by