
13307 matches found

Nuclei | added yesterday | 24 views

Code-Projects School Fees Payment System 1.0 - SQL Injection

A vulnerability was found in code-projects School Fees Payment System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /student.php. The manipulation of the argument ID leads to sql injection. The attack may be initiated remotely. The exploit has been...

CVSS 9.8 | AI score 6.8 | EPSS 0.017
Exploits: 1 | References: 5
Cvelist | added 2 days ago | 34 views

CVE-2026-13551 itsourcecode Baptism Information Management System editBaptism.php sql injection

A security vulnerability has been detected in itsourcecode Baptism Information Management System 1.0. This affects an unknown function of the file /editBaptism.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has been disclosed...

CVSS 7.5 | EPSS 0.00263
Exploits: 0 | References: 6
EUVD | added 2 days ago | 6 views

EUVD-2026-40055

A weakness has been identified in itsourcecode Baptism Information Management System 1.0. The impacted element is an unknown function of the file /delbaptism.php. This manipulation of the argument ID causes sql injection. The attack is possible to be carried out remotely. The exploit has been mad...

CVSS 7.5 | AI score 7 | EPSS 0.00263
Exploits: 0 | References: 6
NVD | added 2 days ago | 7 views

CVE-2026-13537

A vulnerability was found in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely. The exploit has been made public and could be used...

CVSS 5.3 | EPSS 0.00162
Exploits: 0 | References: 6
ATTACKERKB | added 2 days ago | 10 views

CVE-2026-13537

A vulnerability was found in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely. The exploit has been made public and could be used...

CVSS 5.3 | AI score 5.4 | EPSS 0.00162
Exploits: 0 | References: 6 | Affected Software: 1
RedhatCVE | added 2 days ago | 7 views

CVE-2026-54270

A flaw was found in protobufjs. This library compiles protobuf definitions into JavaScript (JS) functions. A remote attacker could send a specially crafted protobuf payload containing numerous unknown fields. This could cause the decoded message to retain substantially more memory than expected,...

CVSS 5.3 | AI score 5.8 | EPSS 0.00293
Exploits: 0 | References: 4
EUVD | added 3 days ago | 7 views

EUVD-2026-39996

A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection. The attack can be launched remotely. The explo...

CVSS 7.5 | AI score 6.9 | EPSS 0.00269
Exploits: 0 | References: 6
CVE | added 3 days ago | 14 views

CVE-2026-13498

The CVE concerns yashpokharna2555 restaurant-management-system. It identifies a vulnerability in an unknown function within /forgotpassword.php (POST Parameter Handler) where manipulating the email parameter leads to SQL injection. The issue can be exploited remotely and publicly available exploi...

CVSS 7.5 | AI score 6.9 | EPSS 0.00269
Exploits: 0 | References: 6
ATTACKERKB | added 4 days ago | 8 views

CVE-2025-59868

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

CVSS 5.5 | AI score 5.8 | EPSS 0.00108
Exploits: 0 | References: 2 | Affected Software: 1
EUVD | added 4 days ago | 10 views

EUVD-2025-210365

HCL Traveler for Microsoft Outlook (HTMO) is susceptible to a sensitive data exposure vulnerability which could allow an attacker to exploit application information to then attempt additional attacks and cause unknown behavior in the application...

CVSS 5.5 | AI score 5.8 | EPSS 0.00108
Exploits: 0 | References: 1
OSV | added 5 days ago | 4 views

UBUNTU-CVE-2026-48928

An inconsistency in Node.js hostname matching can cause a trust-policy bypass in multi-context mTLS setups. This vulnerability affects all supported release lines: Node.js 22, Node.js 24, and Node.js 26...

CVSS 5.4 | AI score 6.1 | EPSS 0.00247
Exploits: 0 | References: 3
Tenable Nessus | added 5 days ago | 7 views

SUSE SLED15 / SLES15 Security Update : python-PyJWT (SUSE-SU-2026:2626-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2626-1 advisory. This update for python-PyJWT fixes the following issues - CVE-2026-48522: PyJWKClient passes URI arguments...

CVSS 7.4 | AI score 5.8 | EPSS 0.00379
Exploits: 4 | References: 16
EUVD | added 6 days ago | 6 views

EUVD-2026-38383

MessagePack-CSharp: DynamicUnionResolver-generated deserializers miss depth enforcement...

CVSS 7.5 | AI score 5.8 | EPSS 0.00231
Exploits: 0 | References: 2
NVD | added 6 days ago | 8 views

CVE-2026-56788

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table,...

CVSS 7.1 | EPSS 0.00119
Exploits: 1 | References: 2
OSV | added 6 days ago | 3 views

UBUNTU-CVE-2026-49839

jq is a command-line JSON processor. Prior to 1.8.2, jq --rawfile can turn a handled oversized-string error into invalid-state reuse and a real heap out-of-bounds write in assertion-disabled builds. When jvloadfileraw=1 reads an attacker-controlled file, it repeatedly appends file chunks to the...

CVSS 7.1 | AI score 5.8 | EPSS 0.00165
Exploits: 1 | References: 3
EUVD | added 6 days ago | 4 views

EUVD-2026-39530

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table,...

CVSS 4.8 | AI score 5.9 | EPSS 0.00119
Exploits: 1 | References: 2
CVE | added 6 days ago | 11 views

CVE-2026-56788

RTKLIB 2.4.3 is affected by an out-of-bounds read in getcodepri when processing unrecognized RINEX observation codes. Crafted RINEX files with unknown observation types trigger negative indexing into the codepris table, causing reliable crashes and potential memory disclosure of adjacent global d...

CVSS 7.1 | AI score 5.9 | EPSS 0.00119
Exploits: 1 | References: 2 | Affected Software: 1
Cvelist | added 6 days ago | 31 views

CVE-2026-56788 RTKLIB 2.4.3 - Out-of-bounds Read via Negative Array Index in getcodepri

RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table,...

CVSS 4.8 | EPSS 0.00119
Exploits: 1 | References: 2
Cvelist | added 6 days ago | 28 views

CVE-2026-54089 File Browser: Authentication Bypass via Proxy Auth Header Forgery

File Browser is a file managing interface for uploading, deleting, previewing, renaming, and editing files within a specified directory. Starting with 2.0.0-rc.1, when FileBrowser is configured with proxy authentication (auth.method=proxy), any unauthenticated attacker who can reach the server...

CVSS 9.1 | EPSS 0.00337
Exploits: 0 | References: 3
NVD | added 6 days ago | 7 views

CVE-2026-53262

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl. pppol2tp_ioctl read sock->sk->sk_user_data directly without any locks or reference counting. If a controllable sleep was induced during copy_from_user, e.g. via a userfaultfd pag...

CVSS 7.8 | EPSS 0.00125
Exploits: 0 | References: 4