364191 matches found
CVE-2026-27053
Unauthenticated PHP Object Injection in Broadcast Live Video 7.1.3 versions...
CVE-2026-27333
Unauthenticated Deserialization of untrusted data in Paid Videochat Turnkey Site = 7.3.23 versions...
CVE-2025-68872
Unauthenticated Cross Site Scripting XSS in Elis WordCents adSense Widget with Analytics = 1.3.03.27 versions...
CVE-2025-69332
Subscriber Broken Access Control in Bookify = 1.1.1 versions...
CVE-2025-60175
Administrator Server Side Request Forgery SSRF in PopAd = 1.0.4 versions...
CVE-2025-68840
Unauthenticated Cross Site Scripting XSS in iRobots.txt SEO = 1.1.2 versions...
CVE-2025-68049
Subscriber Broken Access Control in bunny.net = 2.3.6 versions...
CVE-2025-68851
Unauthenticated Cross Site Scripting XSS in Okay Toolkit = 2.3 versions...
CVE-2025-59133
Custom role Insecure Direct Object References IDOR in Projectopia = 5.1.25.2 versions...
CVE-2026-54444
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-49489. Reason: This candidate is a duplicate of CVE-2026-49489. Notes: All CVE users should reference CVE-2026-49489 instead of this candidate...
CVE-2026-54294
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-12072. Reason: This candidate is a duplicate of CVE-2026-12072. Notes: All CVE users should reference CVE-2026-12072 instead of this candidate...
CVE-2026-54295
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-12061. Reason: This candidate is a duplicate of CVE-2026-12061. Notes: All CVE users should reference CVE-2026-12061 instead of this candidate...
CVE-2026-54292
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-12074. Reason: This candidate is a duplicate of CVE-2026-12074. Notes: All CVE users should reference CVE-2026-12074 instead of this candidate...
CVE-2026-54296
Rejected reason: REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2026-12075. Reason: This candidate is a duplicate of CVE-2026-12075. Notes: All CVE users should reference CVE-2026-12075 instead of this candidate...
CVE-2026-53703
A vulnerability was found in the GStreamer RealMedia demuxer gst-plugins-ugly. When processing a RealMedia .rm file, the demuxer parses MDPR media properties chunks to configure audio streams. For audio stream header versions 4 and 5, the parser reads fields such as codec type, packet size, sampl...
CVE-2026-53705
A flaw was found in GStreamer's WavPack audio decoder in gst-plugins-good. When processing a specially crafted WavPack file, an integer overflow in the buffer size calculation 4 blocksamples channels in gstwavpackdechandleframe causes a very small heap allocation. The WavPack library then writes...
CVE-2026-53704
A flaw was found in GStreamer's RealMedia demuxer in the gst-plugins-ugly package. When processing a RealMedia file containing a specially crafted FILEINFO metadata section, the demuxer parses variable-name and variable-value pairs using reskippascalstring without validating that offsets remain...
CVE-2026-52721
Multiple out-of-bounds read vulnerabilities were found in GStreamer's pcapparse element. Malformed PCAP records can trigger reads beyond buffer boundaries during IPv4/TCP header parsing. This element is primarily used in debugging pipelines, limiting real-world exposure. A local attacker could...
CVE-2026-50891
Incorrect access control in the /admin/api/config component of Filestash v0.4.0 allows attackers to escalate privileges via sending a crafted request...
CVE-2026-50890
Bernd Bestel grocy v4.6.0 was discovered to contain a SQL injection vulnerability in the product-group parameter at /stockreports/spendings. This vulnerability allows attackers to access sensitive database information via a crafted SQL statement...
CVE-2026-50892
Incorrect access control in the "Let's Encrypt" certificate download endpoint of Nginx Proxy Manager v2.14.0 allows authenticated attackers to obtain the TLS private key material via a crafted GET request...
CVE-2026-52720
A heap buffer overflow vulnerability was found in GStreamer's librfb RFB/VNC client. The rectangle bounds check incorrectly validates area rather than individual dimensions, allowing a malicious VNC server to send a rectangle that extends beyond the framebuffer. A remote attacker could set up a...
CVE-2026-52719
An out-of-bounds read vulnerability was found in the VA JPEG decoder in GStreamer's gst-plugins-bad. The JPEG parser reads a segment length value from the bitstream without validating it against available data. A remote attacker could trick a user into opening a specially crafted JPEG file, causi...
CVE-2026-52718
A denial of service vulnerability was found in GStreamer's AV1 codec parser in gst-plugins-bad. The gstav1parserparsetilelistobu function passes a byte count to a bit-reader API that expects a bit count, causing parser desynchronization. A remote attacker could trick a user into opening a special...
CVE-2026-52722
A signed integer overflow vulnerability was found in GStreamer's VMnc decoder. A crafted VMnc stream with large cursor dimensions can overflow signed integer payload-size arithmetic, bypassing a length check and leading to out-of-bounds reads. A remote attacker could trick a user into opening a...
CVE-2026-50883
An HTML injection vulnerability in the /src/highlight.rs component of matze wastebin v3.4.1 allows attackers to execute arbitrary scripts via a crafted payload...
CVE-2026-50886
Incorrect access control in the webhook management component of Project Firefly III v6.5.9 allows attackers to scan internal resources via a crafted POST request...
CVE-2026-50881
Incorrect access control in the impworks Bonsai v6.0 allows authenticated attackers with Editor privileges to escalate privileges to Administrator and execute unauthorized account, password, and configuration changes...
CVE-2026-50887
A Server-Side Request Forgery SSRF in the automatic short URL title resolution component of shlink v5.0.1 allows attackers to scan internal resources via supplying a crafted longUrl...
CVE-2026-50884
Incorrect access control in statping-ng v0.93.0 allows attackers to escalate privileges to Administrator and access sensitive components...
CVE-2026-50889
An input handling flaw in the HTTP refresh token process of LLDAP v0.6.2 allows attackers to cause a Denial of Service DoS via sending a crafted refresh-token header...
CVE-2026-50885
Incorrect access control in the share-based read endpoints of Sismics Docs Teedy v1.11 allow unauthorized attackers to access sensitive endpoints via a crafted request...
CVE-2026-50882
An issue in the /api/v0/pastes endpoint of anna-is-cute paste v0.1.1 allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2026-50888
An authenticated Server-Side Request Forgery SSRF in the custom scraper subsystem component of Benjamin Jonard Koillection v1.8.0 allows attackers to scan internal resources via supplying a crafted URL...
CVE-2026-50876
A cross-site scripting XSS vulnerability in Deck9 Input v2.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...
CVE-2026-50874
An OS command injection vulnerability in the /manage/features/media component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input...
CVE-2026-50878
An issue in the attachment handling component of Feuerhamster MailForm v1.1.0 allows attackers to cause a Denial of Service DoS via a crafted request...
CVE-2026-50877
An issue in Zhoros SuperBin v1.0.0 allows attackers to execute a directory traversal via supplying files with names containing traversal characters...
CVE-2026-50873
An arbitrary file upload vulnerability in the attachment handling component of flatnotes v5.5.4 allows attackers to execute arbitrary code via uploading a crafted HTML or SVG file...
CVE-2026-50879
An issue in the uploadPostHandler component of Andrei Marcu linx-server v2.3.8 allows attackers to cause a Denial of Service DoS via a crafted POST request...
CVE-2026-50875
Incorrect access control in the /form/webhooks/webhook endpoint of Deck9 Input v2.0.1 allows authenticated attackers to arbitrarily modify or delete another tenant's webhook via a crafted request...
CVE-2026-50880
An issue in the sendmail transport integration component of YouTransfer v1.0.6 allows attackers to execute arbitrary code via supplying a crafted request...
CVE-2026-50871
An OS command injection vulnerability in the media archiving and export pipeline component of kanishka-linux Reminiscence v0.3.0 allows attackers to execute arbitrary commands via supplying a crafted input...
CVE-2026-50870
An information disclosure vulnerability in the configuration endpoint of Ben Busby whoogle-search v1.2.3 allows attackers to obtain sensitive information via a crafted GET request...
CVE-2026-49954
Discuz! X5.0 releases 20260320 through 20260610 contain a local file inclusion vulnerability that allows authenticated administrators to execute arbitrary code by importing a specially crafted plugin configuration containing path traversal sequences in the directory attribute. Attackers can trigg...
CVE-2026-50869
An issue in the api/plugin.php component of Bludit v3.19.0 allows attackers to execute a directory traversal via supplying a crafted request...
CVE-2026-50872
An issue in the loopback request handling component of fossar selfoss v2.20-SNAPSHOT allows attackers to execute arbitrary commands and obtain sensitive information via supplying a crafted HTTP request...
CVE-2026-49953
Discuz! X5.0 releases 20260320 through 20260610 contains a CAPTCHA bypass vulnerability that allows unauthenticated remote attackers to defeat challenge controls by exploiting limited complexity and predictable character sets in generated CAPTCHA images. Attackers can train a custom optical...
CVE-2026-49952
Discuz! X5.0 releases 20260320 through 20260501 contains an authentication bypass vulnerability that allows unauthenticated remote attackers to gain unauthorized access to database backup and restore functionality by exploiting a shared cryptographic key between UCenter integration and the databa...
CVE-2026-45390
In OCaml-tar before 3.4.0, a crafted archive with ../ path segments in its name allows escaping the current working directory. This is not desired behavior, and tar1 rejects such extractions, but ocaml-tar decompresses it anyway. The impact is that it allows arbitrary file writes outside of the...