Lucene search
K

3447 matches found

Cvelist
Cvelist
added 2026/06/15 3:15 a.m.40 views

CVE-2026-12213 hcengineering Huly Platform User Information operations.ts getAccountInfo improper authorization

A vulnerability was found in hcengineering Huly Platform up to 0.7.0. Affected by this vulnerability is the function getAccountInfo of the file server/account/src/operations.ts of the component User Information Handler. The manipulation results in improper authorization. The attack may be launche...

5.3CVSS0.00203EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 12:31 a.m.12 views

EUVD-2026-36671

A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted...

8.8CVSS8.3AI score0.00316EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 12:31 a.m.13 views

EUVD-2026-36667

A vulnerability was detected in Grit42 Grit up to 0.11.0. Affected by this issue is some unknown functionality of the file modules/core/backend/app/controllers/concerns/grit/core/gritentitycontroller.rb of the component GritEntityController. Performing a manipulation results in sql injection. The...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References6
CVE
CVE
added 2026/06/15 12:30 a.m.25 views

CVE-2026-12201

CVE-2026-12201 affects IObit Malware Fighter (up to 13.2.0) via an unknown functionality in the DLL Handler component, where manipulation leads to permission issues. The flaw enables a local attacker with access to the system to trigger the vulnerability; an exploit has been published. The docume...

5.3CVSS5.4AI score0.00103EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/15 12:30 a.m.12 views

EUVD-2026-36676

A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was...

5.3CVSS5.4AI score0.00103EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/15 12:30 a.m.10 views

CVE-2026-12201 IObit Malware Fighter DLL permission

A flaw has been found in IObit Malware Fighter up to 13.2.0. Affected by this vulnerability is an unknown functionality of the component DLL Handler. This manipulation causes permission issues. The attack requires local access. The exploit has been published and may be used. The vendor was...

5.3CVSS5.3AI score0.00103EPSS
Exploits0References6
NVD
NVD
added 2026/06/15 12:16 a.m.15 views

CVE-2026-12198

A weakness has been identified in Microweber up to 2.0.20. This affects the function userfilespath of the file /apinosession/thumbnailimg of the component API Endpoint. Executing a manipulation of the argument cachepathrelative can lead to path traversal. It is possible to launch the attack...

7.5CVSS0.00525EPSS
Exploits0References7
NVD
NVD
added 2026/06/15 12:16 a.m.15 views

CVE-2026-12192

A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted...

8.8CVSS0.00316EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/15 12:15 a.m.11 views

EUVD-2026-36675

A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack can be...

7.5CVSS8AI score0.00324EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49181

Name of the Vulnerable Software and Affected Versions Yealink SIP-T46U version 108.86.0.118 Description A stack-based buffer overflow exists in the Firmware Chunk Upload handler. This occurs when the uid argument is manipulated within the mod upgrade.SparePartsUpload function of the...

8.6CVSS7.6AI score0.00371EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.10 views

PT-2026-49150

A security vulnerability has been detected in Ritlabs TinyWeb Server up to 1.94 on Win32. This impacts an unknown function in the library libeay32.dll.html of the component Header Handler. The manipulation of the argument Authorization leads to stack-based buffer overflow. The attack can be...

7.5CVSS6AI score0.00324EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.17 views

PT-2026-49178

Name of the Vulnerable Software and Affected Versions DVDFab Virtual Drive version 2.0.0.5 Description Improper privilege management exists within the Signed Kernel Driver component, specifically affecting a function in the dvdfabio.sys library. This issue allows a local attacker to manipulate th...

8.5CVSS7.1AI score0.00111EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.22 views

PT-2026-49179

Name of the Vulnerable Software and Affected Versions Yealink SIP-T46U affected versions not specified Description A stack-based buffer overflow exists in the Web FastCGI Service. The issue occurs within the StartReportInformation function located in the '/api/inner/beforewifitest' endpoint. An...

8.6CVSS7.9AI score0.00371EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.13 views

PT-2026-49171

A security vulnerability has been detected in RubyLouvre avalon up to 2.2.10. The impacted element is an unknown function of the file src/filters/index.js of the component Template Filter Handler. Such manipulation leads to improperly controlled modification of object prototype attributes. It is...

6.9CVSS5.1AI score0.00314EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/14 11:15 p.m.9 views

CVE-2026-12192 GALAYOU Y4 Web Server buffer overflow

A vulnerability was determined in GALAYOU Y4 1.0.0. Impacted is an unknown function of the component Web Server. This manipulation causes buffer overflow. The attack is only possible within the local network. The exploit has been publicly disclosed and may be utilized. The vendor was contacted...

8.8CVSS8.3AI score0.00316EPSS
Exploits0References4
CVE
CVE
added 2026/06/14 11:15 p.m.26 views

CVE-2026-12192

GALAYOU Y4 Web Server 1.0.0 is affected by a buffer overflow in an unspecified Web Server function. The flaw enables local-network exploitation with no authentication required and affects confidentiality, integrity, and availability. Public exploit details are indicated in the CVE context, and th...

8.8CVSS8.3AI score0.00316EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/14 12:0 a.m.16 views

PT-2026-49148

A security flaw has been discovered in Ruijie EG105G-P 2.340. The impacted element is the function nslookup of the file /cgi-bin/luci/api/diagnose of the component JSON-RPC Diagnose Endpoint. Performing a manipulation of the argument params.target results in command injection. It is possible to...

8.6CVSS5.3AI score0.02385EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/12 8:34 p.m.14 views

CVE-2026-10142

A flaw was found in kafka-python. A malicious broker or a machine-in-the-middle attacker can exploit a denial-of-service vulnerability in the protocol parser. By sending a specially crafted 4-byte frame length value without proper bounds validation, an attacker can trigger excessive memory...

8.7CVSS5.2AI score0.00348EPSS
Exploits0References7
NVD
NVD
added 2026/06/08 3:16 p.m.14 views

CVE-2026-11521

A security vulnerability has been detected in Mohammed-eid35 bank-management-system-springboot up to 7b9bcc65ad7df3db29af71aed9bb500e5f24d948. This affects an unknown part of the file src/main/java/com/alien/bank/management/system/controller/TransactionController.java of the component Transaction...

6.5CVSS0.00272EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/08 8:58 a.m.11 views

CVE-2026-11458

A weakness has been identified in erzhongxmu JeeWMS up to 141740afb2ba14d441c82a833d0a418d07ca2d69. This issue affects some unknown processing of the file /base-boot/actuator of the component Boot Actuator Endpoint. Executing a manipulation can lead to information disclosure. The attack can be...

6.9CVSS5.5AI score0.00292EPSS
Exploits0References1
Rows per page
Query Builder