PT-2026-47291

Name of the Vulnerable Software and Affected Versions UTT HiPER 2610G versions prior to 3.0.0-171107 Description A remote buffer overflow can occur due to the use of the strcpy function within the /goform/formConfigDnsFilterGlobal file. This issue is triggered by manipulating the GroupName...

PT-2026-47280

A vulnerability was detected in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminaccount.php. The manipulation of the argument Date results in sql injection. The attack can be launched remotely. The exploit is now public and may be used...

Keycloak 安全漏洞

Keycloak is an open-source identity and access management solution developed by Keycloak. There is a security vulnerability in Keycloak. This vulnerability stems from improper access control in the POST /admin/realms/realm/partialImport endpoint, which may allow limited administrators to bypass...

itsourcecode Hospital Management System 注入漏洞

itsourcecode Hospital Management System is an open-source hospital management system developed by itsourcecode. Version 1.0 of itsourcecode Hospital Management System has a vulnerability related to parameter handling in the file/adminaccount.php, which may lead to SQL injection attacks. Attackers...

D-Link DGS-1100-08PD 安全漏洞

The D-Link DGS-1100-08PD is an 8-port Gigabit intelligent management switch from D-Link Corporation. Version 1.00.006 of the D-Link DGS-1100-08PD contains a security vulnerability. This vulnerability stems from improper handling of the /etc/boa.conf file within the Web Interface component, which...

Tenda CX12L 缓冲区错误漏洞

The Tenda CX12L is a home-use wireless router device from the Chinese company Tenda. The version 16.03.53.12 of the Tenda CX12L contains a buffer error vulnerability. This vulnerability stems from the setSchedWifi function in the Wi-Fi Schedule Configuration Endpoint component...

OpenBullet2 安全漏洞

OpenBullet2 is a cross-platform automated testing and data scraping tool developed by the OpenBullet team. Versions of OpenBullet2 prior to 0.3.2 have security vulnerabilities on Windows. These vulnerabilities stem from credential exposure, and it is possible for remote attackers to exploit them ...

student_management_system 注入漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is an injection vulnerability in studentmanagementsystem. This vulnerability stems from improper handling of parameters ausr/apwd by an unknown function in the Administrator Login Endpoint...

Tenda多款产品 缓冲区错误漏洞

Tenda HG10, etc., are products of the Chinese company Tenda. The Tenda HG10 is a fiber-optic router. The Tenda HG9 is a WiFi router. The Tenda HG7 is a dual-band Wi-Fi fiber network terminal device. Several Tenda products have a buffer error vulnerability. This vulnerability stems from improper...

Tenda W20E 缓冲区错误漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a buffer overflow vulnerability. This vulnerability stems from the operation of the formSetPortMirror function in the goform/setPortMirror file, specifically regarding the parameter...

student_management_system 安全漏洞

studentmanagementsystem is a student information management tool personally developed by Vivek Singh. There is a security vulnerability in studentmanagementsystem, which stems from an unknown function in the Student Deletion Endpoint component’s /see.php file. Improper handling of the 'del'...

CodeAstro Payroll System 注入漏洞

The CodeAstro Payroll System is a payroll system developed by CodeAstro Corporation. Version 1.0 of the CodeAstro Payroll System has a SQL injection vulnerability. This vulnerability arises from improper handling of the parameter ID in the/viewaccount.php file, which may lead to SQL injection...

UTT HiPER 2610G 缓冲区错误漏洞

UTT HiPER 2610G is a high-end router designed for small and medium-sized enterprise networks by UTT Corporation. Versions of UTT HiPER 2610G 3.0.0-171107 and earlier contain a buffer overflow vulnerability. This vulnerability stems from the strcpy function in the file/goform/formNatStaticMap, whi...

CodeAstro Leave Management System 注入漏洞

The CodeAstro Leave Management System is a leave management system developed by CodeAstro Inc. Version 1.0 of the CodeAstro Leave Management System has a SQL injection vulnerability, which stems from the handling of the typeofleave parameter in the file/admin/addleave.php. Attackers can launch...

PT-2026-47203

A vulnerability was found in SourceCodester Class and Exam Timetabling System 1.0. The impacted element is an unknown function of the file /index2.php. The manipulation of the argument Password results in sql injection. It is possible to launch the attack remotely. The exploit has been made publi...

ROS-20260608-73-0005

The vulnerability of the .NET software platform lies in the execution of a loop with an exit condition that is not met. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

ROS-20260608-73-0021

The vulnerability of the .NET software platform is related to the lack of measures taken to neutralize special elements. Exploiting this vulnerability allows a remote attacker to perform spear-phishing attacks...

PT-2026-47456

Name of the Vulnerable Software and Affected Versions Google Chrome versions prior to 149.0.7827.103 Description A use after free issue exists in the File Input component. This allows a remote attacker to potentially exploit heap corruption, which occurs when a program continues to use a pointer...

PT-2026-47485

Name of the Vulnerable Software and Affected Versions Google Chrome on Linux versions prior to 149.0.7827.103 Description An integer overflow in the UI allows a remote attacker to potentially perform a sandbox escape by using a crafted HTML page. A sandbox escape is a technique used to break out ...

CVE-2026-11469

A flaw has been found in jishenghua jshERP up to 3.6. Impacted is the function insertPlatformConfig of the file jshERP-boot/src/main/java/com/jsh/erp/service/PlatformConfigService.java of the component platformConfig Add Endpoint. Executing a manipulation of the argument platformValue can lead to...