88708 matches found

EUVD
added 2026/03/20 6:31 a.m. | 8 views

EUVD-2026-13565

A security flaw has been discovered in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this issue is some unknown functionality of the file /admin/admineditmenu.php. Performing a manipulation of the argument productname results in SQL injection. It is possible to initiate the...

5.8 CVSS | 5.7 AI score | 0.00327 EPSS
Exploits: 1 | References: 6
CVE
added 2026/03/20 6:2 a.m. | 10 views

CVE-2026-4474

The CVE-2026-4474 entry concerns itsourcecode University Management System 1.0. The vulnerability lies in the admin_single_student_update.php function, where manipulation of the st_name argument enables cross-site scripting (XSS). The attack can be initiated remotely and exploit code has been pub...

6.1 CVSS | 4.2 AI score | 0.00271 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
Cvelist
added 2026/03/20 5:2 a.m. | 22 views

CVE-2026-4471 itsourcecode Online Frozen Foods Ordering System admin_edit_employee.php sql injection

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admin_edit_employee.php. Executing a manipulation of the argument FirstName can lead to SQL injection. It is possible to launch the attack remotely. The exploit ha...

5.8 CVSS | 0.00386 EPSS
Exploits: 1 | References: 5
ATTACKERKB
added 2026/03/20 4:2 a.m. | 3 views

CVE-2026-4469

A vulnerability was identified in itsourcecode Online Frozen Foods Ordering System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/admineditmenuaction.php. Such manipulation of the argument productname leads to SQL injection. The attack may be performed from...

5.8 CVSS | 5.7 AI score | 0.00327 EPSS
Exploits: 1 | References: 5 | Affected Software: 1
NVD
added 2026/03/20 2:16 a.m. | 3 views

CVE-2026-4457

Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8 CVSS | 0.00306 EPSS
Exploits: 0 | References: 2
Cvelist
added 2026/03/20 2:2 a.m. | 21 views

CVE-2026-4465 D-Link DIR-513 formSysCmd os command injection

A flaw has been found in D-Link DIR-513 1.10. The impacted element is an unknown function of the file /goform/formSysCmd. Executing a manipulation of the argument sysCmd can lead to OS command injection. The attack may be launched remotely. The exploit has been published and may be used. This...

6.5 CVSS | 0.03092 EPSS
Exploits: 1 | References: 5
Cvelist
added 2026/03/20 1:34 a.m. | 23 views

CVE-2026-4459

Out of bounds read and write in WebAudio in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

0.00281 EPSS
Exploits: 0 | References: 2
ATTACKERKB
added 2026/03/20 1:34 a.m. | 4 views

CVE-2026-4457

Type Confusion in V8 in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

5.8 AI score | 0.00306 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
ATTACKERKB
added 2026/03/20 1:34 a.m. | 4 views

CVE-2026-4444

Stack buffer overflow in WebRTC in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit stack corruption via a crafted HTML page. Chromium security severity: High...

6 AI score | 0.00301 EPSS
Exploits: 0 | References: 3 | Affected Software: 1
EUVD
added 2026/03/20 1:34 a.m. | 4 views

EUVD-2026-13449

Use after free in Base in Google Chrome prior to 146.0.7680.153 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8 CVSS | 5.8 AI score | 0.00317 EPSS
Exploits: 0 | References: 2
SUSE CVE
added 2026/03/20 12:29 a.m. | 2 views

SUSE CVE-2026-4424

A flaw was found in libarchive. This heap out-of-bounds read vulnerability exists in the RAR archive processing logic due to improper validation of the LZSS sliding window size after transitions between compression methods. A remote attacker can exploit this by providing a specially crafted RAR...

7.5 CVSS | 5.8 AI score | 0.00882 EPSS
Exploits: 0 | References: 9
Positive Technologies
added 2026/03/20 12:0 a.m. | 1 views

PT-2026-26563

A weakness has been identified in itsourcecode Online Frozen Foods Ordering System 1.0. This affects an unknown part of the file /admin/admin_edit_employee.php. Executing a manipulation of the argument FirstName can lead to SQL injection. It is possible to launch the attack remotely. The exploit...

5.8 CVSS | 5.8 AI score | 0.00386 EPSS
Exploits: 1 | References: 6
CNNVD
added 2026/03/20 12:0 a.m. | 6 views

Google Chrome Security Vulnerability

Google Chrome is a web browser developed by Google Inc. Versions of Google Chrome prior to 146.0.7680.153 contained a security vulnerability. This vulnerability stemmed from the Digital Credentials API allowing for reusing of resources after release, which could enable remote attackers to execute...

8.8 CVSS | 5.9 AI score | 0.00253 EPSS
Exploits: 0 | References: 3
UbuntuCve
added 2026/03/20 12:0 a.m. | 2 views

CVE-2026-33040

libp2p-rust is the official Rust language implementation of the libp2p networking stack. In versions prior to 0.49.3, the Gossipsub implementation accepts attacker-controlled PRUNE backoff values and may perform unchecked time arithmetic when storing backoff state. A specially crafted PRUNE contr...

8.7 CVSS | 5.8 AI score | 0.00473 EPSS
Exploits: 0 | References: 2
Redos
added 2026/03/19 12:0 a.m. | 4 views

ROS-20260319-73-0020

A vulnerability in the yuv2ya16Xctemplate function of the libswscale/output.c component of the FFmpeg multimedia library is related to integer overflow. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service...

7.5 CVSS | 5.9 AI score | 0.0032 EPSS
Exploits: 0
CNNVD
added 2026/03/19 12:0 a.m. | 5 views

Microsoft .NET Security Vulnerability

Microsoft .NET is a software framework developed by Microsoft Corporation in the United States, dedicated to agile software development, rapid application development, platform independence, and network transparency. Versions of Microsoft .NET prior to 8.0 8.0.22 and .9.0 9.0.11 contained securit...

7.5 CVSS | 5.8 AI score | 0.03002 EPSS
Exploits: 1 | References: 3
Redos
added 2026/03/19 12:0 a.m. | 4 views

ROS-20260319-73-0009

A vulnerability in the outfile plugin of the Fluent Bit logging tool is related to an incorrect directory path name restriction. Exploitation of the vulnerability could allow an attacker acting remotely to write an arbitrary file outside the target directory...

5.3 CVSS | 5.9 AI score | 0.00627 EPSS
Exploits: 0
CVE
added 2026/03/19 12:0 a.m. | 22 views

CVE-2026-30694

CVE-2026-30694 affects DedeCMS up to v5.7.118 (and earlier). The issue is a vulnerability in the array_filter component that could allow a remote attacker to execute arbitrary code. The CVE’s metrics indicate a high-impact, remote, no-auth Exploit with a 9.8 AV/AC/PR/UI/S/C/I/A profile. Connected...

9.8 CVSS | 6.2 AI score | 0.0068 EPSS
Exploits: 1 | References: 2 | Affected Software: 1
CNNVD
added 2026/03/19 12:0 a.m. | 4 views

libarchive Buffer Error Vulnerability

Libarchive is an open-source multi-format archiving and compression library developed by Libarchive. Libarchive has a buffer error vulnerability, which stems from heap out-of-bounds reads in the RAR archiving processing logic. Improper validation of the LZSS sliding window size after the...

7.5 CVSS | 7.3 AI score | 0.00882 EPSS
Exploits: 0 | References: 4
Github Security Blog
added 2026/03/18 8:6 p.m. | 6 views

free5GC AUSF UE Authentication Panic on Nil SuciSupiMap Interface Conversion

Impact: This is an Improper Null Check vulnerability leading to Denial of Service. Security Impact: A remote attacker can cause the AUSF service to panic and crash by sending a crafted UE authentication request that triggers a nil interface conversion in the GetSupiFromSuciSupiMap function. This...

8.7 CVSS | 5.9 AI score | 0.00652 EPSS
Exploits: 0 | References: 6 | Affected Software: 1