61255 matches found
EUVD-2025-31188
Open Babel has NULL pointer dereference in ChemKinFormat::ReadReactionQualifierLines...
SUSE CVE-2026-13574
A vulnerability was determined in llvm llvm-project up to 22.1.6. This impacts the function GCRelocateInst::getBasePtr in the library llvm/lib/IR/IntrinsicInst.cpp of the component Bitcode File Handler. This manipulation causes heap-based buffer overflow. It is possible to launch the attack on th...
CVE-2026-13583
Edimax EW-7478APC (firmware 1.04) contains a buffer overflow in the POST handler: formUSBFolder (/goform/formUSBFolder) via manipulation of ShareName/SelectName. The issue is exploitable remotely, with exploit disclosed publicly; no remediation details are provided in the supplied documents.
EUVD-2026-40089
A security vulnerability has been detected in weng-xianhu EyouCMS up to 1.7.1. This issue affects some unknown processing of the file /index.php of the component API. Such manipulation of the argument clicklike leads to sql injection. The attack can be executed remotely. The exploit has been...
CVE-2026-13560
A security vulnerability has been detected in Edimax EW-7478APC 1.04. The affected element is the function formAccept of the file /goform/formAccept of the component POST Request Handler. The manipulation of the argument submit-url leads to os command injection. The attack is possible to be carri...
EUVD-2026-40076
A vulnerability was determined in SourceCodester Class and Exam Timetabling System 1.0/1.php. Affected by this vulnerability is an unknown functionality of the file /editclass1.php. Executing a manipulation of the argument ID can lead to sql injection. The attack can be launched remotely. The...
EUVD-2026-40074
A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to stack-based buffer overflow. It is possible to launch the attack...
CVE-2026-13556
A vulnerability was determined in itsourcecode Online Hotel Management System 1.0. This affects an unknown part of the file /admin/modusers/controller.php?action=edit of the component POST Request Handler. This manipulation of the argument Name causes cross site scripting. The attack may be...
EUVD-2026-40057
A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...
EUVD-2026-40047
A vulnerability was determined in Hanwang e-Face General Management Platform 6.3.5.4. This issue affects some unknown processing of the file /manage/resourceUpload/upload.do. Executing a manipulation of the argument File can lead to unrestricted upload. The attack may be launched remotely. The...
CVE-2026-13529
A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injection. The attack can be executed remotely. A high complexity level is associated with this attack...
CVE-2026-13529
CVE-2026-13529 : In YzmCMS (up to v7.5), a vulnerability affects an unknown function in /application/install/index.php where manipulating the siteurl parameter can cause SQL injection. The issue is exploitable remotely with high attack complexity and partial confidentiality/integrity/availability...
CVE-2026-13529 YzmCMS index.php sql injection
A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injection. The attack can be executed remotely. A high complexity level is associated with this attack...
CVE-2026-13524
The CVE-2026-13524 entry concerns CherryHQ cherry-studio up to 1.9.6. Affected component: MCP OAuth Local Callback Server, specifically the source file src/main/services/mcp/oauth/callback.ts. The vulnerability is caused by manipulation of the argument code, leading to improper authorization. The...
CVE-2026-13518
A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the publ...
EUVD-2026-40008
A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to...
CVE-2026-13501
The vulnerability CVE-2026-13501 affects ANTLR4 (up to 4.13.2), specifically the GoTarget component within the gofmt tool in GoTarget.java. The issue is a local command-injection exploit caused by manipulation of the GoTarget codegen path. Public disclosure exists, and no vendor response is repor...
CVE-2026-13497
A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and...
CVE-2026-13495 itsourcecode Hospital Management System adminprofile.php sql injection
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminprofile.php. The manipulation of the argument loginid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...
EUVD-2026-39993
A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminprofile.php. The manipulation of the argument loginid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...