EUVD-2026-34180

Cross Site Scripting vulnerability in MaxSite CMS v.109.2 allows a remote attacker to obtain sensitive information via the Backend page file upload endpoint used by adminpage...

CyberPower < v2.8.3 - SQL Injection

A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to . id: CVE-2024-32736 info: name: CyberPower PDNU" tags: cve,cve2024,cyberpower,sqli,vkev,vuln http: - method: GET path: - "BaseURL/api/v1/confup?mode=&uid=1'%20UNION%20select%201,2,3,4,sqliteversion;--"...

Mitel MiCollab - Information Disclosure & Denial of Service

Mitel MiCollab before 9.4 SP1 FP1 and MiVoice Business Express through 8.1 contain a vulnerability in the TP-240 component caused by improper handling, letting remote attackers obtain sensitive information and cause denial of service, exploit requires remote access. id: CVE-2022-26143 info: name:...

PUB-A-476132502

In ImsMediaBitReader::ReadByteBuffer, there is a possible OOB read due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation...

PUB-A-479203197

In RtcpChunk::decodeRtcpChunk, there is a possible out of bounds read due to a heap buffer overflow. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

PUB-A-481287452

In RtcpByePacket::decodeByePacket, there is a possible due to a missing bounds check. This could lead to remote information disclosure with no additional execution privileges needed. User interaction is needed for exploitation...

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : Memcached vulnerabilities (USN-8320-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-8320-1 advisory. It was discovered that Memcached's SASL password database authentication had a timing side channel when handling username...

CVE-2026-9912

Inappropriate implementation in GPU in Google Chrome on Android prior to 148.0.7778.216 allowed a remote attacker to obtain potentially sensitive information from process memory via a crafted HTML page. Chromium security severity: High...

Linux kernel 安全漏洞

The Linux kernel is the kernel used by the Linux operating system developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from the RDMA rxe driver not rejecting non-8-byte AtomicWrite payloads, potentially leading to remote...

IBM Security Directory Integrator 安全漏洞

IBM Security Directory Integrator is an integrated development environment and runtime service provided by the American multinational company International Business Machines IBM. Vulnerabilities exist in versions 7.2.0.0.0 to 7.2.0.14.0.0.0, as well as in versions 10.0.0.0.0 to 10.0.0.2.0.0.0, du...

CVE-2026-9583 SourceCodester CET Automated Grading System with AI Predictive Analytics SQL index.php information exposure

A weakness has been identified in SourceCodester CET Automated Grading System with AI Predictive Analytics 1.0. This impacts an unknown function of the file /index.php of the component SQL Handler. Executing a manipulation can lead to information exposure through error message. The attack may be...

Linux Distros Unpatched Vulnerability : CVE-2026-9122

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Out of bounds read in GPU in Google Chrome on Mac prior to 148.0.7778.179 allowed a remote attacker to obtain potentially sensitive information from process...

Netatalk 缓冲区错误漏洞

Netatalk is an open-source software developed by Netatalk. It provides AFP file server functionality for Classic Mac OS and macOS on Unix-like operating systems. Versions 2.1.0 to 4.4.2 of Netatalk contain a buffer error vulnerability. This vulnerability stems from excessive heap reading during t...

CVE-2026-39079

An issue in prestashop upsshipping all versions through at least 2.4.0 allows a remote attacker to obtain sensitive information via the /modules/upsshipping/logs/, and /modules/upsshipping/lib/UPSBaseApi.php components...

CVE-2026-39079

CVE-2026-39079 affects Prestashop Upsshipping (all versions through at least 2.4.0) and enables an attacker to access sensitive information via the /modules/upsshipping/logs/ and /modules/upsshipping/lib/UPSBaseApi.php components. The provided sources do not specify the exact root cause or exploi...

CVE-2026-7864

SEPPmail Secure Email Gateway before version 15.0.4 exposes server environment variables through an unauthenticated endpoint in the new GINA UI, allowing remote attackers to obtain sensitive system information...

Unity Linux 20.1060e / 20.1070e Security Update: linuxptp (UTSA-2026-017433)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017433 advisory. A flaw was found in the ptp4l program of the linuxptp package. A missing length check when forwarding a PTP message between ports allows a remote attacker to cause a...

PT-2026-38962

Name of the Vulnerable Software and Affected Versions SEPPmail Secure Email Gateway versions prior to 15.0.4 Description An unauthenticated endpoint in the new GINA UI exposes server environment variables, which allows remote attackers to obtain sensitive system information. Recommendations Updat...

CVE-2026-8028

A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Performing a manipulation results in information disclosure. Remote exploitation of the attack is...

PT-2026-37641

A vulnerability was detected in FlowiseAI Flowise up to 3.0.12. This affects the function verify of the file packages/server/src/enterprise/services/account.service.ts of the component Endpoint. Performing a manipulation results in information disclosure. Remote exploitation of the attack is...