Lucene search
K

88964 matches found

Vulnrichment
Vulnrichment
added 2026/06/10 3:15 a.m.8 views

CVE-2026-26239 File Station 5

A buffer overflow vulnerability has been reported to affect File Station 5. If a remote attacker gains a user account, they can then exploit the vulnerability to modify memory or crash processes. We have already fixed the vulnerability in the following version: File Station 5 5.5.6.5208 and later...

8.7CVSS5.8AI score0.00292EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/10 3:8 a.m.15 views

EUVD-2026-35975

A NULL pointer dereference vulnerability has been reported to affect several QNAP operating system versions. If a remote attacker gains an administrator account, they can then exploit the vulnerability to launch a denial-of-service DoS attack. We have already fixed the vulnerability in the...

5.1CVSS5.5AI score0.00331EPSS
Exploits0References1
CVE
CVE
added 2026/06/10 3:7 a.m.35 views

CVE-2026-22899

The CVE-2026-22899 entry describes a NULL pointer dereference in File Station 6 that can be triggered remotely by an authenticated user to cause a DoS. Affected software: File Station 6 (specific versions affected not explicitly listed beyond the fixed release). Underlying cause: NULL pointer der...

6.5CVSS5.5AI score0.0028EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/06/10 2:59 a.m.10 views

CVE-2026-11620

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the publi...

6.9CVSS5.5AI score0.00285EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.12 views

QNAP qts 异常处理不当漏洞

QNAP Systems QTS and QNAP Systems QuTS hero are software products with data storage and management functions developed by QNAP Systems, a company based in Taiwan, China. There are code-related vulnerabilities in QNAP Systems QTS and QNAP Systems QuTS hero, which stem from null pointer...

7.2CVSS5.9AI score0.00331EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/10 12:0 a.m.13 views

PT-2026-48385

Name of the Vulnerable Software and Affected Versions Dahua products affected versions not specified Description An unauthenticated remote attacker can send a specially crafted packet to trigger an exception, causing the system to reboot unexpectedly and resulting in a denial of service a conditi...

8.7CVSS5.5AI score0.00395EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.8 views

EulerOS 2.0 SP13 : gdk-pixbuf2 (EulerOS-SA-2026-2287)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...

7.5CVSS7.5AI score0.01069EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/06/10 12:0 a.m.7 views

EulerOS 2.0 SP13 : gdk-pixbuf2 (EulerOS-SA-2026-2330)

According to the versions of the gdk-pixbuf2 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : A flaw was found in the gdk-pixbuf library. This heap-based buffer overflow vulnerability occurs in the JPEG image loader due to improper...

7.5CVSS7.5AI score0.01069EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.11 views

CVE-2026-11534

A vulnerability was detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this issue is some unknown functionality of the file /add.php. The manipulation of the argument name/address/fname results in cross site scripting. It is possible to launch...

5.1CVSS4AI score0.00199EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 8:59 p.m.14 views

CVE-2026-11533

A security vulnerability has been detected in imvks786 studentmanagementsystem up to 9599b560ad3c3b83e75d328b76bedcd489ef1f46. Affected by this vulnerability is an unknown functionality of the file /see.php of the component Student Deletion Endpoint. The manipulation of the argument del leads to...

5.5CVSS5.5AI score0.0023EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35692

Stack-based buffer overflow in Active Directory Domain Services allows an authorized attacker to execute code over a network...

8.8CVSS6AI score0.01124EPSS
Exploits0References2
AlpineLinux
AlpineLinux
added 2026/06/09 4:3 p.m.12 views

CVE-2026-34183

Issue summary: Remote peer may exhaust heap memory of the QUIC server or client by flooding it with packets containing PATHCHALLENGE frames. Impact summary: A malicious remote peer can cause an unbounded memory allocation which can lead to an abnormal termination of the application acting as a QU...

7.5CVSS5.5AI score0.00511EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.12 views

CVE-2026-11514

A flaw has been found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /addpatient.php. This manipulation of the argument admissiontme causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

6.5CVSS5.4AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.11 views

CVE-2026-11512

A security vulnerability has been detected in itsourcecode Hospital Management System 1.0. This issue affects some unknown processing of the file /billing.php. The manipulation of the argument patientid leads to cross site scripting. The attack can be initiated remotely. The exploit has been...

5.3CVSS3.8AI score0.00273EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.12 views

CVE-2026-11502

A weakness has been identified in JeecgBoot up to 3.9.2. Impacted is the function HttpServletResponse.sendRedirect of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ThirdLoginController.java of the component Third-Party Login. This manipulation of...

3.1CVSS4.7AI score0.0025EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/09 2:59 p.m.11 views

CVE-2026-11501

A security flaw has been discovered in SourceCodester Hospitals Patient Records Management System 1.0. This issue affects some unknown processing of the file /classes/Master.php?f=savepatient. The manipulation of the argument ID results in sql injection. It is possible to launch the attack...

7.5CVSS5.4AI score0.00263EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:1 a.m.11 views

EUVD-2026-35348

A remote, unauthenticated attacker can trigger memory corruption in Zephyr's HTTP server WebSocket upgrade path by sending a crafted Sec-WebSocket-Key header. The HTTP/1 header parser copies the header into a fixed-size buffer using a bounded copy that does not guarantee NUL termination when the...

9.8CVSS5.9AI score0.00498EPSS
Exploits1References1
NVD
NVD
added 2026/06/09 3:16 a.m.18 views

CVE-2026-11621

A weakness has been identified in Dcat-Admin up to 2.2.3-beta. This impacts the function editorMDUpload of the file /admin/dcat-api/editor-md/upload of the component User Setting Page. This manipulation of the argument editormd-image-file causes unrestricted upload. The attack can be initiated...

5.8CVSS0.00218EPSS
Exploits0References5
CVE
CVE
added 2026/06/09 2:45 a.m.41 views

CVE-2026-11620

CVE-2026-11620 affects TOTOLINK EX200 firmware 4.0.3c.7646, via the vsftpd component and manipulation of /etc/vsftpd.conf, causing a least-privilege violation that can be exploited remotely. The exploit is public. The exact root cause, affected subcomponents, and remediation details are not fully...

6.9CVSS5.6AI score0.00285EPSS
Exploits0References6
CVE
CVE
added 2026/06/09 2:30 a.m.34 views

CVE-2026-11619

Dolibarr ERP CRM up to 23.0.2 is affected by a vulnerability in the Legacy Filemanager component (file: htdocs/core/filemanagerdol/connectors/php/config.inc.php) that leads to improper authorization. Attack can be initiated remotely; a public exploit is available. Remedy: upgrade to 23.0.3 (patch...

6.5CVSS6.1AI score0.00209EPSS
Exploits0References6
Rows per page
Query Builder