Lucene search
K

14438 matches found

EUVD
EUVD
added 4 hours ago6 views

EUVD-2025-210430

A vulnerability was identified in GPAC up to b40ce70f5. This issue affects the function sgpddelentry of the file src/isomedia/boxcodebase.c of the component MP4Box. Such manipulation of the argument data leads to heap-based buffer overflow. Local access is required to approach this attack. The...

4.8CVSS6.1AI score
Exploits0References8
NVD
NVD
added 7 hours ago5 views

CVE-2026-14800

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS
Exploits0References6
Cvelist
Cvelist
added 9 hours ago8 views

CVE-2026-14802 react create-react-app react-dev-utils openBrowser.js startBrowserProcess os command injection

A vulnerability was detected in react create-react-app up to 5.0.1 on macOS. This affects the function startBrowserProcess of the file openBrowser.js of the component react-dev-utils. Performing a manipulation results in os command injection. Remote exploitation of the attack is possible. The...

7.5CVSS
Exploits0References6
NVD
NVD
added 9 hours ago8 views

CVE-2026-14798

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. This issue affects some unknown processing of the file /apartment-visitor/visitor-entry.php. The manipulation of the argument visname leads to sql injection. The attack can be initiated remotely. The exploit is...

6.5CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 9 hours ago3 views

CVE-2026-14800

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS5.5AI score
Exploits0References6
Cvelist
Cvelist
added 9 hours ago5 views

CVE-2026-14800 imhamzaazam ecommerceFlask cross-site request forgery

A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...

5.3CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 11 hours ago4 views

CVE-2026-14796

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS6.5AI score
Exploits0References6Affected Software1
CVE
CVE
added 11 hours ago7 views

CVE-2026-14796

CVE-2026-14796 affects CodeAstro Apartment Visitor Management System 1.0. Affected component: /apartment-visitor/report.php; vulnerability: SQL injection triggered by manipulating the fromdate parameter. Attackable remotely over network with no user interaction; attacker privileges required: LOW....

6.5CVSS6.5AI score
Exploits0References6
EUVD
EUVD
added 11 hours ago7 views

EUVD-2026-41807

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS5.8AI score
Exploits0References6
Cvelist
Cvelist
added 11 hours ago6 views

CVE-2026-14796 CodeAstro Apartment Visitor Management System report.php sql injection

A vulnerability was found in CodeAstro Apartment Visitor Management System 1.0. This affects an unknown part of the file /apartment-visitor/report.php. Performing a manipulation of the argument fromdate results in sql injection. It is possible to initiate the attack remotely. The exploit has been...

6.5CVSS
Exploits0References6
NVD
NVD
added 12 hours ago5 views

CVE-2026-14791

A weakness has been identified in crater-invoice-inc crater up to 6.0.6. This affects the function getFormattedString of the file app/Http/Requests/InvoicesRequest.php of the component Invoice Note Handler. Executing a manipulation of the argument notes can lead to cross site scripting. The attac...

5.1CVSS
Exploits0References6
EUVD
EUVD
added 13 hours ago6 views

EUVD-2026-41802

A weakness has been identified in crater-invoice-inc crater up to 6.0.6. This affects the function getFormattedString of the file app/Http/Requests/InvoicesRequest.php of the component Invoice Note Handler. Executing a manipulation of the argument notes can lead to cross site scripting. The attac...

5.1CVSS4.1AI score
Exploits0References6
ATTACKERKB
ATTACKERKB
added 13 hours ago2 views

CVE-2026-14789

A vulnerability was detected in radareorg radare2 up to 6.1.6. Affected by this issue is some unknown functionality of the file libr/bin/format/mdmp/mdmp.c of the component Memory64ListStream Parser. Performing a manipulation results in stack-based buffer overflow. The attack requires a local...

4.8CVSS6.2AI score
Exploits0References7Affected Software1
CVE
CVE
added 13 hours ago6 views

CVE-2026-14789

Radare2 (radareorg) up to 6.1.6 has a stack-based buffer overflow in libr/bin/format/mdmp/mdmp.c of the Memory64ListStream Parser. The vulnerability requires local access; an exploit is public. Patch: 175d4addb68981331c85b10681c2161c38fb5762. Apply the official patch to address the issue.

4.8CVSS6.2AI score
Exploits0References7
CVE
CVE
added 14 hours ago7 views

CVE-2026-14786

The CVE affects radare2 (radareorg) up to version 6.1.6. The vulnerability is in the function r_str_word_get0set within libr/util/str.c, where input handling leads to an integer overflow. Exploitation requires local access, and exploitation details are publicly available via the referenced commit...

4.8CVSS5.7AI score
Exploits0References7
EUVD
EUVD
added 15 hours ago7 views

EUVD-2026-41791

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS5.6AI score
Exploits0References7
Cvelist
Cvelist
added yesterday7 views

CVE-2026-14777 SourceCodester Onlne Examination & Learning Management System announcements.php unrestricted upload

A weakness has been identified in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this issue is some unknown functionality of the file /announcements.php. Executing a manipulation can lead to unrestricted upload. The attack can be executed remotely. The exploit has...

6.5CVSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added yesterday4 views

CVE-2026-14776

A security flaw has been discovered in SourceCodester Onlne Examination & Learning Management System 1.0. Affected by this vulnerability is the function pathinfo of the file /uploadfiles.php of the component Filename Extension. Performing a manipulation results in unrestricted upload. Remote...

6.5CVSS6.3AI score
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added yesterday3 views

CVE-2026-14773

A vulnerability was found in itsourcecode Hospital Management System 1.0. This affects an unknown function of the file /payment.php. The manipulation of the argument patientid results in sql injection. The attack can be launched remotely. The exploit has been made public and could be used...

6.5CVSS6.5AI score
Exploits0References6Affected Software1
EUVD
EUVD
added yesterday6 views

EUVD-2026-41780

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editroom.php. Performing a manipulation of the argument ID results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may...

7.5CVSS6.9AI score
Exploits0References6
Rows per page
Query Builder