CVE-2026-10815

The CVE-2026-10815 entry concerns LakshayD02’s Hostel-Management-System-PHP (up to commit f87e67c283bab6f718faf2fec6ae39a13bd7036b). The vulnerability affects the Admin Dashboard Page, specifically the hostel/index.php component, where manipulating the argument ID results in missing authorization...

EUVD-2026-34094

ProjectsAndPrograms school-management-system uses predictable credentials by generating student's and teacher's passwords solely from the user’s date of birth e.g., 12072000 for 12 July 2000. The application does not require or prompt users to change the password upon first login. This behavior...

CVE-2026-6489

A security flaw has been discovered in QueryMine sms up to 7ab5a9ea196209611134525ffc18de25c57d9593. This issue affects some unknown processing of the file admin/addteacher.php of the component Background Management Page. The manipulation of the argument image results in unrestricted upload. The...

CVE-2026-2943

A vulnerability was identified in SapneshNaik Student Management System up to f4b4f0928f0b5551a28ee81ae7e7fe47d9345318. This impacts an unknown function of the file index.php. Such manipulation of the argument Error leads to cross site scripting. The attack can be launched remotely. The exploit i...

PT-2026-6009

Name of the Vulnerable Software and Affected Versions Autodesk 3ds Max affected versions not specified Description A specially designed RGB file, when processed by Autodesk 3ds Max, can lead to a memory corruption issue. An attacker could potentially use this to run code without authorization...

PT-2026-5945

Name of the Vulnerable Software and Affected Versions Lexmark Embedded Solutions Framework affected versions not specified Description A relative path traversal issue exists in the Embedded Solutions Framework used in Lexmark devices. An attacker could potentially use this to execute arbitrary co...

PT-2025-47180

Name of the Vulnerable Software and Affected Versions affected versions not specified Description The software is susceptible to a cross-site scripting issue due to improper input neutralization during web page generation. This allows for the injection of malicious scripts into web pages...

PT-2025-46541

Name of the Vulnerable Software and Affected Versions LOGO! 12/24RCE 6ED1052-1MD08-0BA2 affected versions not specified LOGO! 12/24RCEo 6ED1052-2MD08-0BA2 affected versions not specified LOGO! 230RCE 6ED1052-1FB08-0BA2 affected versions not specified LOGO! 230RCEo 6ED1052-2FB08-0BA2 affected...

PT-2025-38283

Name of the Vulnerable Software and Affected Versions: NVIDIA Triton Inference Server affected versions not specified Description: The NVIDIA Triton Inference Server is susceptible to a denial-of-service condition triggered by loading a misconfigured model. Exploitation of this issue could lead t...

PT-2025-54576

Name of the Vulnerable Software and Affected Versions Google Chrome affected versions not specified Description A flaw exists in the Split View component of the Google Chrome browser related to errors in how information is presented in the user interface. Remote exploitation of this issue could...

PT-2025-33702 · Unknown · Sante Pacs Server

Name of the Vulnerable Software and Affected Versions: Sante PACS Server affected versions not specified Description: Sante PACS Server is susceptible to stored cross-site scripting. An attacker can inject malicious HTML code, potentially redirecting a user to a malicious webpage and stealing the...

PT-2025-16488

Name of the Vulnerable Software and Affected Versions The product name cannot be determined. Description Unauthenticated attackers can query an API endpoint and get device details. Recommendations At the moment, there is no information about a newer version that contains a fix for this...

PT-2025-15155 · Huawei · Harmonyos

Name of the Vulnerable Software and Affected Versions: The product name cannot be determined. Description: A buffer overflow vulnerability exists in the codec module. Successful exploitation of this issue may affect availability. Recommendations: At the moment, there is no information about a new...

PT-2025-7273 · Lexmark · Lexmark Devices

Name of the Vulnerable Software and Affected Versions: Lexmark devices affected versions not specified Description: The issue allows an attacker to modify the configuration of the device due to a CSRF vulnerability. This enables the attacker to change device settings, potentially leading to...

PT-2025-7246 · Unknown · Simplehelp

Name of the Vulnerable Software and Affected Versions: SimpleHelp affected versions not specified Description: A vulnerability has been identified in SimpleHelp. CISA has added this issue to the KEV Catalog. Recommendations: At the moment, there is no information about a newer version that contai...

PT-2025-4219 · Microsoft · Windows Telephony Service +1

Name of the Vulnerable Software and Affected Versions: Windows Telephony Service affected versions not specified Description: The issue allows remote attackers to execute arbitrary code, affecting the system. This can lead to unauthorized access and control. No information is provided about the...

PT-2025-3281 · Unknown · Widget Framework Module

Name of the Vulnerable Software and Affected Versions: Widget framework module affected versions not specified Description: The issue concerns a vulnerability of input parameters not being verified in the widget framework module. Successful exploitation of this vulnerability may affect...

PT-2025-2705 · Unknown · Mcdm Driver

Name of the Vulnerable Software and Affected Versions: MCDM driver affected versions not specified Description: Memory corruption occurs when invoking any application that calls IOCTL and executes all MCDM driver IOCTL calls. This issue arises due to the invocation of any IOCTL-calling applicatio...

PT-2025-2411 · Unknown · Sound Model Driver

Name of the Vulnerable Software and Affected Versions: Sound model driver affected versions not specified Description: There is an information disclosure issue that occurs when calling a callback function of the sound model driver from ADSP for every valid opcode received from the sound model...

PT-2025-2336 · Undefined · Undefined

Name of the Vulnerable Software and Affected Versions: No information is available about the vulnerable software and its affected versions. Description: The issue is related to a rejected CVE record due to non-compliance with CNA rules, as it has not been used. No further details are provided abo...