Lucene search
K

101 matches found

Positive Technologies
Positive Technologies
added 2026/06/01 12:0 a.m.19 views

PT-2026-45421

A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has be...

9CVSS6.2AI score0.00484EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/29 12:0 a.m.20 views

PT-2026-44921

A vulnerability was found in macrozheng mall up to 1.0.3. This affects an unknown function of the file /admin/update/ of the component Super Admin Password Handler. Performing a manipulation results in improper authorization. Remote exploitation of the attack is possible. The vendor deleted the...

5.8CVSS5.5AI score0.00218EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/05/26 8:14 p.m.14 views

CVE-2026-9469

A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipulation of the argument User causes sql injection. It is possible to initiate the attack remotely. T...

7.5CVSS6.9AI score0.00319EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/23 12:0 a.m.13 views

PT-2026-42875

A security vulnerability has been detected in Edimax BR-6428NS 1.10. Affected is the function formWlbasic of the file /goform/formWlbasic of the component POST Request Handler. The manipulation of the argument repeaterSSID leads to command injection. The attack may be initiated remotely. The...

6.5CVSS5.6AI score0.01398EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.6 views

CVE-2026-6563

A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to...

9CVSS7.7AI score0.00481EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 3:31 p.m.5 views

EUVD-2026-23864

A vulnerability was determined in Qibo CMS 1.0. Affected by this issue is some unknown functionality of the file /index/image/headers. Executing a manipulation of the argument starts can lead to server-side request forgery. The attack can be launched remotely. The exploit has been publicly...

6.5CVSS5.4AI score0.00206EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/20 12:30 a.m.5 views

EUVD-2026-23727

A security flaw has been discovered in vibrantlabsai RAGAS up to 0.4.3. The affected element is the function tryprocesslocalfile/tryprocessurl of the file src/ragas/metrics/collections/multimodalfaithfulness/util.py of the component Collections Module. Performing a manipulation of the argument...

7.5CVSS5.4AI score0.00534EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/19 12:31 p.m.4 views

EUVD-2026-23694

A vulnerability was determined in kodcloud KodExplorer up to 4.52. This affects the function share.class.php::initShareOld of the file /app/controller/share.class.php of the component Public Share Handler. This manipulation of the argument path causes path traversal. The attack can be initiated...

7.5CVSS5.4AI score0.00513EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/06 10:59 p.m.5 views

CVE-2026-5596

A vulnerability was detected in griptape-ai griptape 0.19.4. Affected by this issue is some unknown functionality of the file griptape/tools/sql/tool.py of the component SqlTool. Performing a manipulation results in sql injection. It is possible to initiate the attack remotely. The exploit is now...

6.5CVSS6.4AI score0.00196EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/31 6:45 a.m.1 views

CVE-2026-5185

A security flaw has been discovered in Nothings stbimage up to 2.30. This affects the function stbigifloadnext of the file stbimage.h of the component Multi-frame GIF File Handler. The manipulation results in heap-based buffer overflow. The attack requires a local approach. The exploit has been...

5.3CVSS6.1AI score0.00154EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/03/27 2:52 p.m.8 views

CVE-2026-4957

A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handletoolcall of the file XAgent/functionhandler.py of the component API Key Handler. This manipulation of the argument apikey causes sensitive information in log files. The attack may be initiate...

5.1CVSS5.5AI score0.0028EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28708

Name of the Vulnerable Software and Affected Versions chatwoot versions prior to 4.11.1 Description A security issue exists in chatwoot that allows for improper authorization. This occurs through manipulation of the signupEnabled argument with the input true within an unknown function of the...

7.5CVSS5.7AI score0.0035EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.4 views

CVE-2026-4227

A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub44D844 of the file /goform/gethidessidcfg. The manipulation leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly and may be...

9CVSS7.6AI score0.00664EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/03/26 12:0 a.m.9 views

PT-2026-28223

A vulnerability was determined in dameng100 muucmf 1.9.5.20260309. This affects an unknown function of the file /admin/extend/list.html. Executing a manipulation of the argument Name can lead to cross site scripting. The attack can be launched remotely. The exploit has been publicly disclosed and...

5.3CVSS4AI score0.00269EPSS
Exploits0References5
OSV
OSV
added 2026/03/08 3:15 p.m.4 views

CVE-2026-3743

A flaw has been found in YiFang CMS 2.0.5. This affects the function update of the file app/db/admin/DsinglePageGroup.php. Executing a manipulation of the argument Name can lead to cross site scripting. It is possible to launch the attack remotely. The exploit has been published and may be used...

5.4CVSS4.1AI score0.00196EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/03/04 12:0 a.m.6 views

PT-2026-25637

Name of the Vulnerable Software and Affected Versions LB-LINK BL-WR9000 version 2.4.9 Description A security issue has been identified in LB-LINK BL-WR9000 version 2.4.9. The issue resides in the sub 44D844 function within the /goform/get hidessid cfg file. Manipulation of this function leads to ...

9CVSS7.3AI score0.00664EPSS
Exploits1References12
ATTACKERKB
ATTACKERKB
added 2026/02/27 4:32 a.m.2 views

CVE-2026-3289

A weakness has been identified in Sanluan PublicCMS 6.202506.d. This impacts the function saveMetadata of the file TemplateCacheComponent.java of the component Template Cache Generation. Executing a manipulation can lead to path traversal. The attack can be executed remotely. The exploit has been...

9.8CVSS6.2AI score0.00684EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/23 3:32 a.m.4 views

CVE-2026-2969

A flaw has been found in datapizza-labs datapizza-ai 0.0.2. Affected is the function ChatPromptTemplate of the file datapizza-ai-core/datapizza/modules/prompt/prompt.py of the component Jinja2 Template Handler. This manipulation of the argument Prompt causes improper neutralization of special...

5.8CVSS4.8AI score0.00686EPSS
Exploits2References5Affected Software1
OSV
OSV
added 2026/02/22 10:15 p.m.3 views

CVE-2026-2956

A security flaw has been discovered in qinming99 dst-admin up to 1.5.0. This affects the function revertBackup of the file /home/restore. The manipulation of the argument Name results in command injection. The attack can be launched remotely. The exploit has been released to the public and may be...

8.8CVSS6.3AI score
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/02/17 2:44 a.m.7 views

CVE-2026-2527

A vulnerability was determined in Wavlink WL-WN579A3 up to 20210219. Affected is an unknown function of the file /cgi-bin/login.cgi. Executing a manipulation of the argument key can lead to command injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be...

9.8CVSS5.4AI score0.0674EPSS
Exploits1References1
Rows per page
Query Builder