PT-2026-42805

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

PT-2026-42742

A SQL injection vulnerability has been identified in STER. Improper neutralization of input provided by user into multiple Search Filters allows for SQL Injection attacks. It allows an authenticated attacker to view sensitive data such as data belonging to other users, or any other data that the...

CVE-2026-36228

CVE-2026-36228 affects Easy Chat Server 3.1 in the chat message handling (mtowho field). The description states a buffer overflow that can allow a remote attacker to obtain sensitive information and execute arbitrary code; a linked exploit PoC and mirrors indicate a remote DoS condition via overs...

EUVD-2026-31474

Cross Site Scripting vulnerability in Advantech WebAccess/SCADA 8.0-2015.08.16 allows a remote attacker to obtain sensitive information via the decryption field in the Create New Project User component...

PT-2026-42758

Name of the Vulnerable Software and Affected Versions Dell PowerFlex Manager versions prior to 4.6.3 Description An insecure storage of sensitive information allows an unauthenticated attacker with local access to potentially gain unauthorized access to sensitive data. Recommendations Update to a...

PT-2026-42762

Name of the Vulnerable Software and Affected Versions Avantra versions prior to 25.3.0 Description An issue in syslink software AG Avantra on Linux and Windows allows the insertion of sensitive information into log files, leading to Resource Leak Exposure, which occurs when a system fails to...

EUVD-2026-31472

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

CVE-2026-36228

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

CVE-2026-36228

Buffer Overflow vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the chat message functionality...

EUVD-2026-31473

Directory Traversal vulnerability in Easy Chat Server 3.1 allows a remote attacker to obtain sensitive information and execute arbitrary code via the UserName parameter...

CVE-2026-21836

The HCL DominoIQ RAG feature is affected by a Broken Access Control vulnerability. Under certain circumstances, document level access restrictions will be ignored when determining what data to return from an AI query. This could enable an authenticated attacker to view sensitive data...

EUVD-2026-31324

Open ISES Tickets before 3.44.2 contains hardcoded MySQL database connection credentials host, username, password, database name in importmdb.php. The credentials are embedded in source code committed to the public repository, allowing any reader of the source to obtain valid configuration values...

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

kernel: Read root-owned files as an unprivileged user

A vulnerability was found in the Linux kernel that allows an unprivileged local user to read sensitive files normally restricted to the root user. The flaw occurs during process exit, where a brief window allows an attacker to intercept file access from a privileged process before it fully...

CVE-2026-27349

Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in WPFunnels Team Mail Mint allows Retrieve Embedded Sensitive Data. This issue affects Mail Mint: from n/a through 1.19.5...

CVE-2026-5434

...

CVE-2026-5434

Affected product : Honeywell Control Network Module (CNM). Vulnerability : Insertion of sensitive information into an unintended directory, potentially allowing an attacker to access protected data by probing system files. Impact : Unintended data exposure due to directory traversal-like weakness...

CVE-2026-5434

...

EUVD-2026-31251

Honeywell Control Network Module CNM contains insertion of sensitive information into an unintended directory. An attacker could exploit this vulnerability through probing system files, potentially resulting in unintended access to protected data...

CVE-2026-5434

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...