6 matches found
CVE-2026-34053
OpenEMR prior to version 8.0.0.3 has a missing authorization issue in the AJAX deletion endpoint at interface/forms/procedure_order/handle_deletions.php. This allows any authenticated user, regardless of role, to irreversibly delete procedure orders, answers, and specimens for any patient. Versio...
CVE-2026-33917
OpenEMR is a free and open source electronic health records and medical practice management application. Versions prior to 8.0.0.3 contain a SQL injection vulnerability in the ajaxsave CAMOS form that can be exploited by authenticated attackers. The vulnerability exists due to insufficient input...
CVE-2026-3608
CVE-2026-3608 affects Kea daemons (kea-ctrl-agent, kea-dhcp-ddns, kea-dhcp4, kea-dhcp6). A maliciously crafted message over any configured API socket or HA listener can cause the receiving daemon to exit with a stack overflow. Affected versions: 2.6.0–2.6.4 and 3.0.0–3.0.2. Exploitation details a...
WordPress ColorWay Theme <= 4.2.3 is vulnerable to Sensitive Data Exposure
Software: ColorWay | Type: Theme | Vulnerable versions: <= 4.2.3 | Fixed in: N/A | OWASP Top 10: A2: Cryptographic Failures | Classification: Sensitive Data Exposure | CVE: CVE-2025-59003 | Patch priority: Low | CVSS severity: Low 5.8 | PSID: f2f3f07e918e | Credits: Legion Hunter | Required privilege...
PHPOK Security Vulnerability
PHPOK is an enterprise website builder system that supports extensions. A security vulnerability exists in PHPOK version 6.4.003: the software is vulnerable to SQL injection attacks...
2021-05 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 (KB5003254)
2021-05 Cumulative Update Preview for .NET Framework 3.5 and 4.8 for Windows Server, version 20H2 for x64 KB5003254...