276243 matches found
CVE-2026-0538 GIF File Parsing Out-of-Bounds Write
A maliciously crafted GIF file, when parsed through Autodesk 3ds Max, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to execute arbitrary code in the context of the current process...
CVE-2026-20119
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
CVE-2026-20119
CVE-2026-20119 affects Cisco TelePresence Collaboration Endpoint Software and Cisco RoomOS Software. A vulnerability in the text rendering subsystem due to insufficient input validation lets unauthenticated remote attackers cause a DoS by rendering crafted text (e.g., a meeting invitation), poten...
CVE-2026-20119 Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
EUVD-2026-5422
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Open Redirect Vulnerability
A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of the...
Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability
A vulnerability in the web-based management interface of Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This vulnerability exists because the web-based management...
Cisco TelePresence Collaboration Endpoint Software and RoomOS Software Denial of Service Vulnerability
A vulnerability in the text rendering subsystem of Cisco TelePresence Collaboration Endpoint CE Software and Cisco RoomOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on an affected device. This vulnerability is due to insufficient validation...
CVE-2025-5329
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection. This issue affects Delta Course Automation: through 04022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-5329 SQLi in Martcode Software's Delta Course Automation
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection. This issue affects Delta Course Automation: through 04022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-5329 SQLi in Martcode Software's Delta Course Automation
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection. This issue affects Delta Course Automation: through 04022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-5329
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Martcode Software Inc. Delta Course Automation allows SQL Injection. This issue affects Delta Course Automation: through 04022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-41065
Stored Cross-Site Scripting XSS vulnerability type in LUNA software v7.5.5.6. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by inyecting a malicious payload through the 'Edit Batch Name' function. THe payload is stored by the application and subsequently...
CVE-2025-11598
In mObywatel iOS application an unauthorized user can use the App Switcher to view the account owner's personal information in the minimized app window, even after the login session has ended reopening the app would require the user to log in. The data exposed depends on the last application view...
CVE-2025-6397
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Ankara Hosting Website Design Website Software allows Reflected XSS.This issue affects Website Software: through 03022026. NOTE: The vendor was contacted early about this disclosure but did...
CVE-2025-8590
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in AKCE Software Technology R Industry and Trade Inc. SKSPro allows Directory Indexing.This issue affects SKSPro: through 07012026...
CVE-2025-8461
Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Seres Software syWEB allows Reflected XSS.This issue affects syWEB: through 03022026. NOTE: The vendor was contacted early about this disclosure but did not respond in any way...
BELL-CVE-2026-23027
Bulletin has no description...
BELL-CVE-2026-23034
Bulletin has no description...