Lucene search
K

47659 matches found

EUVD
EUVD
added 8 hours ago5 views

EUVD-2026-43615

A vulnerability was determined in nextlevelbuilder GoClaw 3.13.3-beta.3. This affects the function writeFile of the file internal/providers/acp/toolbridge.go of the component ACP ToolBridge Workspace Handler. This manipulation causes path traversal. The attack is possible to be carried out...

6.5CVSS6.3AI score
Exploits0References7
Cvelist
Cvelist
added yesterday20 views

CVE-2026-15544 Shibby Tomato apcupsd tomatodata.cgi getupsvar stack-based overflow

A vulnerability was determined in Shibby Tomato up to 1.28.0000. Affected is the function getupsvar of the file www/apcupsd/tomatodata.cgi of the component apcupsd. This manipulation of the argument Field causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has be...

9CVSS0.00438EPSS
Exploits0References5
EUVD
EUVD
added yesterday10 views

EUVD-2026-43263

A vulnerability was determined in GNU LibreDWG 0.13.4-154-g0b573035. This impacts the function decompressR2004section of the file src/decode.c of the component R2004 Section Decompression. Executing a manipulation can lead to heap-based buffer overflow. The attack requires local access. The explo...

5.3CVSS6.1AI score0.00136EPSS
Exploits0References10
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-43193

A vulnerability was found in Eleveo Call Recording Software 9.7.0. This affects an unknown part of the file /callrec/pcidssstatus.jsp. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The exploit has been made public and could be used. Th...

5.3CVSS5.8AI score0.00207EPSS
Exploits0References5
CVE
CVE
added 5 days ago12 views

CVE-2026-15138

Technical details beyond the generic description are not publicly available in the provided documents. Monitor for updates on affected components, versions, and remediation.

7.5CVSS6.2AI score0.00347EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 11:16 p.m.11 views

CVE-2026-14774

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS0.00204EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 10:30 p.m.10 views

CVE-2026-14774

A vulnerability was determined in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /paymentdischarge.php. This manipulation of the argument patientid causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and ma...

6.5CVSS6.5AI score0.00204EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/07/05 10:16 p.m.6 views

CVE-2026-14772

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0/1.php. The impacted element is an unknown function of the file /editcourse1.php. The manipulation of the argument ID leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed ...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/07/05 9:16 p.m.9 views

CVE-2026-14769

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly...

7.5CVSS0.00269EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 8:15 p.m.8 views

CVE-2026-14769

A security vulnerability has been detected in code-projects Real State Services 1.0. This issue affects some unknown processing of the file /pay.php. Such manipulation of the argument Bankname leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly...

7.5CVSS6.8AI score0.00269EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2026/07/05 3:16 p.m.11 views

CVE-2026-14757

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function coreanalbytes of the file libr/core/cmdanal.inc. This manipulation causes integer overflow. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. It is...

7.8CVSS0.00142EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/07/05 2:30 p.m.5 views

CVE-2026-14756

A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/addtour.php of the component Tour Management Page. The manipulation of the argument deleteimage results in sql injection. The attack may be launche...

7.5CVSS6.7AI score0.00269EPSS
Exploits0References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/07/05 11:45 a.m.5 views

CVE-2026-14746

A security vulnerability has been detected in code-projects Real State Services 1.0. Affected is an unknown function of the file /addprojectrent.php. The manipulation of the argument amen leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed publicly and may...

7.5CVSS6.9AI score0.00269EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/07/05 12:30 a.m.9 views

EUVD-2026-41709

A vulnerability was determined in 666ghj BettaFish up to 1.2.1. Impacted is the function deduplicateresults of the file InsightEngine/agent.py of the component InsightEngine search-result Deduplication. Executing a manipulation can lead to partial string comparison. The attack can be launched...

6.9CVSS5.8AI score0.00332EPSS
Exploits0References7
CVE
CVE
added 2026/07/04 10:30 p.m.17 views

CVE-2026-14660

The CVE-2026-14660 entry concerns code-projects Online Job Portal 1.0. The vulnerability lies in login.php where manipulating the arguments txtUser/txtPass causes SQL injection. Attack could be performed remotely and an exploit has been publicly released. Affected component: login handling in Onl...

7.5CVSS6.8AI score0.00412EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/07/03 8:0 p.m.40 views

CVE-2026-14608 SourceCodester CET Automated Grading System with AI Predictive Analytics POST index.php view_student authorization

A security vulnerability has been detected in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This vulnerability affects unknown code of the file /index.php?action=viewstudent of the component POST Handler. The manipulation of the argument ID leads to authorization...

5.3CVSS0.00223EPSS
Exploits0References5
NVD
NVD
added 2026/07/03 7:16 p.m.10 views

CVE-2026-14604

A vulnerability was determined in Open Asset Import Library Assimp up to 6.0.4. Affected is the function Assimp::Exporter::ExportToBlob of the file code/AssetLib/Ply/PlyLoader.cpp of the component PLY Model Handler. This manipulation causes double free. The attack can be initiated remotely. The...

6.5CVSS0.00233EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 3:16 a.m.10 views

CVE-2026-13524

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. Th...

6.3CVSS0.00264EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/29 1:45 a.m.9 views

CVE-2026-13524

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. Th...

6.3CVSS5.7AI score0.00264EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/06/28 12:45 p.m.34 views

CVE-2026-13497 itsourcecode Hospital Management System appointment.php sql injection

A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and...

6.5CVSS0.00204EPSS
Exploits0References6
Rows per page
Query Builder