27 matches found
CVE-2026-9420 KLiK SocialMediaWebsite HTTP GET Request Parameter injection
A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to launch the attack remotely. The exploit has been made public and could be used...
SUSE CVE-2026-44052
Netatalk 2.1.0 through 4.4.2 inserts LDAP simple-bind passwords into log output in cleartext, which allows an attacker with access to the log files to obtain LDAP credentials...
SUSE CVE-2026-34002
A flaw was found in the X.Org X server. This vulnerability, an out-of-bounds read, affects the XKB X Keyboard Extension modifier map handling. An attacker with access to the X11 server can exploit this by sending a malformed request, which causes the server to read beyond its intended memory...
CVE-2026-5597
The CVE-2026-5597 entry concerns griptape-ai griptape v0.19.4. Affects the ComputerTool component (griptape\tools\computer\tool.py) where manipulation of the argument filename can cause a path traversal. It is possible to exploit remotely; the exploit has been published. Exploit maturity is repor...
CVE-2026-5210
A vulnerability was detected in SourceCodester Leave Application System 1.0. This affects an unknown part. Performing a manipulation of the argument page results in file inclusion. Remote exploitation of the attack is possible. The exploit is now public and may be used...
SUSE CVE-2026-26081
unknown...
CVE-2025-15164
A security flaw has been discovered in Tenda WH450 1.0.0.18. This affects an unknown part of the file /goform/SafeMacFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may b...
EUVD-2025-205023
A security vulnerability has been detected in code-projects Student File Management System 1.0. This affects an unknown part of the file /savefile.php. Such manipulation of the argument File leads to unrestricted upload. The attack can be executed remotely. The exploit has been disclosed publicly...
CVE-2025-14699
A security vulnerability has been detected in Municorn FAX App 3.27.0 on Android. This vulnerability affects unknown code of the component biz.faxapp.app. Such manipulation leads to path traversal. The attack needs to be performed locally. The exploit has been disclosed publicly and may be used...
CVE-2025-13119 Fabian Ros/SourceCodester Simple E-Banking System cross-site request forgery
A flaw has been found in Fabian Ros/SourceCodester Simple E-Banking System 1.0. This affects an unknown part. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been published and may be used...
PT-2025-41752
Name of the Vulnerable Software and Affected Versions ProjectsAndPrograms School Management System versions prior to commit hash 6b6fae5426044f89c08d0dd101c7fa71f9042a59 Description A flaw exists in ProjectsAndPrograms School Management System that allows attackers to bypass authentication. This ...
SUSE CVE-2025-50088
unknown...
CVE-2025-10252 SEAT Queue Ticket Kiosk Java RMI Registry deserialization
A flaw has been found in SEAT Queue Ticket Kiosk up to 20250827. This affects an unknown part of the component Java RMI Registry Handler. This manipulation causes deserialization. The attack can only be done within the local network. The attack is considered to have high complexity. It is indicat...
CVE-2025-9760
A weakness has been identified in Portabilis i-Educar up to 2.10. This affects an unknown part of the file /module/Api/matricula of the component Matricula API. Executing manipulation can lead to improper authorization. It is possible to launch the attack remotely. The exploit has been made...
CVE-2025-7095
A vulnerability classified as critical has been found in Comodo Internet Security Premium 12.3.4.8162. This affects an unknown part of the component Update Handler. The manipulation leads to improper certificate validation. It is possible to initiate the attack remotely. The complexity of an atta...
SUSE CVE-2020-145773
unknown...
CVE-2024-8571
A vulnerability was found in erjemin rollcms up to 1484fe2c4e0805946a7bcf46218509fcb34883a9. It has been classified as problematic. This affects an unknown part of the file rollcms/rollcms/views.py. The manipulation leads to information exposure through error message. This product takes the...
CVE-2025-5013
A vulnerability, which was classified as problematic, was found in HkCms up to 2.3.2.240702. This affects an unknown part of the file /index.php/search/index.html of the component Search. The manipulation of the argument keyword leads to cross site scripting. It is possible to initiate the attack...
CVE-2025-4021
A vulnerability was found in code-projects Patient Record Management System 1.0. It has been classified as critical. This affects an unknown part of the file /editspatient.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit...
SUSE CVE-2025-24049
unknown...