Lucene search
K

1124 matches found

CVE
CVE
added 2026/04/05 1:45 a.m.18 views

CVE-2026-5534

CVE-2026-5534 affects the itsourcecode Online Enrollment System 1.0. The vulnerability is in an unknown function of the component Parameter Handler, specifically the file /sms/user/index.php?view=edit&id=10, where manipulation of the USERID parameter leads to SQL injection. It can be exploited re...

7.5CVSS6.9AI score0.00259EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/05 12:0 a.m.9 views

PT-2026-30409

A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function service url of the file JudgeServer.service url of the component judge server heartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack...

6.5CVSS5.6AI score0.00206EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:18 p.m.3 views

CVE-2026-3229

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

5.5CVSS5.9AI score0.00064EPSS
Exploits0References1
NVD
NVD
added 2026/03/26 8:16 a.m.7 views

CVE-2026-4849

A vulnerability was identified in code-projects Simple Laundry System 1.0. This impacts an unknown function of the file /modify.php of the component Parameter Handler. The manipulation of the argument firstName leads to cross site scripting. The attack may be initiated remotely. The exploit is...

6.1CVSS0.0027EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/26 12:52 a.m.8 views

Malicious code in @solana-ipfs/sdk (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 767b9130ad69548a70a52f86dfe12ae295731bb407cba85504eb9e02c56d64a3 The package @solana-ipfs/sdk was found to contain malicious code. Source: ghsa-malware 980d6b7d6391f5f58861078fac68f9222d3365190f1482debece7ae55b0170...

5.8AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.8 views

PT-2026-28663

Name of the Vulnerable Software and Affected Versions code-projects Online Food Ordering System version 1.0 Description A security issue exists in code-projects Online Food Ordering System 1.0, specifically within an unknown functionality of the /dbfood/food.php file. Manipulation of the cuisines...

4.8CVSS4.4AI score0.00293EPSS
Exploits0References7
OSV
OSV
added 2026/03/20 4:47 a.m.4 views

MAL-2026-1945 Malicious code in cryptopapi (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8115fdc278d0fa50691d9381670d65784c4e58c7350c6f039f4cc48900003832 The package cryptopapi was found to contain malicious code. Source: ghsa-malware 36add754a3a299e4d93abe760b631b4a294d017297d11825b1fc1e2363030172 Any...

5.7AI score
Exploits0References1
CVE
CVE
added 2026/03/20 2:43 a.m.25 views

CVE-2026-32937

This CVE affects free5GC CHF prior to v1.2.2, where an out-of-bounds slice access in nchf-convergedcharging RechargePut(...) can be triggered by an authenticated PUT to /nchf-convergedcharging/v3/recharging/:ueId?ratingGroup=.... The result is a server-side panic converted to HTTP 500 by Gin, ena...

7.1CVSS5.8AI score0.00404EPSS
Exploits0References4Affected Software1
EUVD
EUVD
added 2026/03/19 9:30 p.m.9 views

EUVD-2026-13208

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

2.1CVSS5.9AI score0.00064EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/19 9:7 p.m.4 views

CVE-2026-3229 Integer Overflow in Certificate Chain Allocation

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

2.1CVSS5.9AI score0.00064EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/19 9:7 p.m.25 views

CVE-2026-3229 Integer Overflow in Certificate Chain Allocation

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

2.1CVSS0.00064EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2026/03/19 9:7 p.m.3 views

CVE-2026-3229

An integer overflow vulnerability existed in the static function wolfssladdtochain, that caused heap corruption when certificate data was written out of bounds of an insufficiently sized certificate buffer. wolfssladdtochain is called by these API: wolfSSLCTXaddextrachaincert,...

5.5CVSS5.6AI score0.00064EPSS
Exploits0
EUVD
EUVD
added 2026/03/16 3:30 p.m.4 views

EUVD-2026-12376

A vulnerability was found in vanna-ai vanna up to 2.0.2. Affected by this vulnerability is the function updatesql/runsql of the file src/vanna/legacy/flask/init.py of the component Endpoint. Performing a manipulation results in server-side request forgery. The attack may be initiated remotely. Th...

7.5CVSS5.3AI score0.00278EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/16 3:30 p.m.7 views

EUVD-2026-12427

A vulnerability has been found in itsourcecode College Management System 1.0. This issue affects some unknown processing of the file /admin/courses.php. The manipulation of the argument coursecode leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclos...

5.8CVSS5.7AI score0.00202EPSS
Exploits0References6
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/16 12:0 a.m.5 views

Malicious code in syntax-do-expressions (npm)

The package 'syntax-do-expressions' is part of the PhantomRaven supply chain attack campaign Wave 3. It uses a Remote Dynamic Dependency RDD technique: the published package appears benign but includes a URL-based dependency in package.json pointing to an attacker-controlled C2 server...

5.5AI score
Exploits0References3
OSV
OSV
added 2026/03/13 9:39 p.m.5 views

CVE-2026-32724 PX4 autopilot has a heap Use-After-Free in MavlinkShell::available() via SERIAL_CONTROL Race Condition

PX4 autopilot is a flight control solution for drones. Prior to 1.17.0-rc1, a heap-use-after-free is detected in the MavlinkShell::available function. The issue is caused by a race condition between the MAVLink receiver thread which handles shell creation/destruction and the telemetry sender thre...

5.3CVSS5.8AI score0.00251EPSS
Exploits1References3
EUVD
EUVD
added 2026/03/08 9:30 p.m.5 views

EUVD-2026-10269

A security flaw has been discovered in SourceCodester Web-based Pharmacy Product Management System 1.0. This impacts an unknown function of the file edit-profile.php. Performing a manipulation of the argument fullname results in cross site scripting. The attack may be initiated remotely. The...

5.1CVSS4.3AI score0.0021EPSS
Exploits1References6
Cvelist
Cvelist
added 2026/03/08 1:2 p.m.36 views

CVE-2026-3735 code-projects Simple Flight Ticket Booking System SearchResultOneway.php sql injection

A vulnerability has been found in code-projects Simple Flight Ticket Booking System 1.0. Affected by this vulnerability is an unknown functionality of the file SearchResultOneway.php. Such manipulation of the argument from leads to sql injection. The attack can be launched remotely. The exploit h...

7.5CVSS0.00345EPSS
Exploits1References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/06 2:26 p.m.12 views

Malicious code in test-mal-npm-pkg-local (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e75a0b0eec22915db4ca63da2987beda61280504b532ef780e81b26d53e11d8e The package test-mal-npm-pkg-local was found to contain malicious code. Source: ghsa-malware...

5.7AI score
Exploits0References1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/03 6:39 a.m.9 views

Malicious code in selfbot-lofy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector ef24f8180f463b198ff4fea466684c4439a31102aead233f8faa51b587ac0bb9 The package selfbot-lofy was found to contain malicious code. Source: ghsa-malware 1af8492fa4885fa5b969d5ef3947595dffa2f959bb4e1de73b9ca504dec215a8 A...

5.7AI score
Exploits0References1
Rows per page
Query Builder