3461 matches found
EUVD-2026-42917
A vulnerability was detected in Eleveo Call Recording Software 9.7.0. The impacted element is an unknown function of the file /callrec/userAddAction.do. Performing a manipulation of the argument role results in improper authorization. It is possible to initiate the attack remotely. The exploit is...
CVE-2026-14800
A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...
EUVD-2026-41813
A weakness has been identified in imhamzaazam ecommerceFlask up to cb7d9e24c30a99379651b7493b32048126ef402b. The affected element is an unknown function. This manipulation causes cross-site request forgery. The attack may be initiated remotely. The exploit has been made available to the public an...
CVE-2026-14750
A security flaw has been discovered in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The affected element is the function Notescontroller::accessingdictionaryauthorization of the file application/PHP/objects/notes/accessingdictionaryauthorization.php. The manipulation of the...
CVE-2026-14751
A weakness has been identified in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. The impacted element is the function Notescontroller::searchscratchdata of the file application/PHP/objects/notes/searchscratchdata.php. This manipulation of the argument fieldname causes sql...
EUVD-2026-41758
A security vulnerability has been detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This affects the function adddefinition of the file application/PHP/objects/notes/addintodictionary.php. Such manipulation of the argument reference leads to cross site scripting. It ...
PT-2026-55744
Name of the Vulnerable Software and Affected Versions HdrHistogram versions prior to 2.2.3 Description A range check issue exists in the recordValue function within the org.HdrHistogram.DoubleHistogram class. A manipulation of this function leads to an incorrect comparison. This issue requires...
PT-2026-55798
Name of the Vulnerable Software and Affected Versions mjperpinosa stumasy versions up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be Description A remote cross-site scripting issue exists due to improper manipulation of the argument reference within the add definition function located in the...
CVE-2026-14685 HdrHistogram AbstractHistogram AbstractHistogram.java recordValueWithCount state issue
A vulnerability has been found in HdrHistogram up to 2.2.2. This vulnerability affects the function recordValueWithCount of the file src/main/java/org/HdrHistogram/AbstractHistogram.java of the component AbstractHistogram. Such manipulation of the argument Count leads to state issue. The attack c...
CVE-2026-14685
HdrHistogram (up to 2.2.2) contains a vulnerability in AbstractHistogram.recordValueWithCount. The flaw involves manipulation of the Count argument in AbstractHistogram.java, causing a state issue. A local-execution vulnerability with publicly disclosed exploit exists; the issue is being tracked ...
CVE-2026-14628
A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...
EUVD-2026-41673
A vulnerability was detected in NousResearch hermes-agent up to 2026.5.16. This impacts the function extractmedia of the file gateway/platforms/base.py of the component Live Webhook Endpoint. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit is...
EUVD-2026-41563
A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...
PT-2026-55579
Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...
CVE-2026-49090
CVE-2026-49090 affects Elasticsearch and is caused by Uncontrolled Resource Consumption (CWE-400) via the bulk API, where an authenticated user can submit specially crafted bulk requests that trigger sustained high CPU and can render a node unresponsive. The issue is publicly discussed in Elastic...
CVE-2026-35505 OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime
An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...
PT-2026-53991
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated remote attacker can repeatedly send crafted connection requests to cause a memory leak. In single-process deployments, the memory consumption...
CVE-2026-13582
The CVE concerns the Edimax EW-7478APC (firmware 1.04) where the POST request handler’s /goform/formUSBAccount function manipulates the UserName/Password arguments, causing a buffer overflow. This vulnerability enables remote execution with network access and was reported as exploitable in the wi...
EUVD-2026-40125
A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack can be executed remotel...
CVE-2026-13561
A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote...