Lucene search
K

363650 matches found

NVD
NVD
added 2026/06/29 7:16 a.m.8 views

CVE-2025-2902

Improper Authorization Vulnerability of Maintenance Utility in Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-07-26-xx/00, GUM Ver. 93-07-26/00; Hitachi Virtual Storage Platfo...

8.3CVSS0.00195EPSS
Exploits0References1
NVD
NVD
added 2026/06/29 7:16 a.m.9 views

CVE-2025-7386

Information exposure vulnerability in Hitachi Storage Navigator. This issue affects Hitachi Virtual Storage Platform 5100, 5200, 5500, 5600, 5100H, 5200H, 5500H, 5600H, VX8: before DKCMAIN Ver. 90-09-24-00/00, SVP Ver. 90-09-24/00, before DKCMAIN Ver. 90-08-86-00/00, SVP Ver. 90-08-86/00; Hitachi...

6.8CVSS0.00227EPSS
Exploits0References1
NVD
NVD
added 2026/06/29 6:16 a.m.22 views

CVE-2026-53325

In the Linux kernel, the following vulnerability has been resolved: agp/amd64: Fix broken error propagation in agpamd64probe A NULL pointer dereference was observed in the AMD64 AGP driver when running in a virtualized environment e.g. qemu/kvm without a physical AMD northbridge. The crash occurs...

5.5CVSS0.00203EPSS
Exploits0References9
NVD
NVD
added 2026/06/29 6:16 a.m.9 views

CVE-2026-13538

A vulnerability was determined in Wavlink WL-NU516U1-A M16U1V240425. The affected element is the function sub401D68 of the file /cgi-bin/wireless.cgi of the component POST Parameter Handler. This manipulation of the argument SSID2G2/SSID5G2/AuthMethod2/WPAPSK12 causes command injection. Remote...

6.5CVSS0.01306EPSS
Exploits0References10
NVD
NVD
added 2026/06/29 6:16 a.m.7 views

CVE-2026-13536

A vulnerability has been found in GotoHTTP up to 10.2. This issue affects some unknown processing of the file /reg.12x. The manipulation of the argument sn leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor...

5.3CVSS0.00284EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 6:16 a.m.10 views

CVE-2026-13535

A flaw has been found in CodeAstro Human Resource Management System 1.0. This vulnerability affects the function GetFileInfo of the file hrsystem/application/models/Employeemodel.php of the component View Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack...

6.5CVSS0.00204EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 6:16 a.m.8 views

CVE-2026-13537

A vulnerability was found in CodeAstro Human Resource Management System 1.0. Impacted is an unknown function. The manipulation results in cross-site request forgery. The attack may be launched remotely. The exploit has been made public and could be used...

5.3CVSS0.00162EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 6:16 a.m.8 views

CVE-2026-13533

A security vulnerability has been detected in agentejo Cockpit CMS up to 0.12.2. Affected by this issue is the function Spyc::YAMLLoad of the file /config/config.yaml of the component htaccess Handler. Such manipulation leads to files or directories accessible. It is possible to launch the attack...

6.9CVSS0.00286EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 6:16 a.m.8 views

CVE-2026-13534

A vulnerability was detected in CherryHQ cherry-studio up to 1.9.7. This affects the function sha256 of the file src/main/services/memory/MemoryService.ts of the component CherryIN Preload API. Performing a manipulation of the argument state results in authorization bypass. The attack can be...

5CVSS0.00199EPSS
Exploits0References7
NVD
NVD
added 2026/06/29 6:16 a.m.6 views

CVE-2026-13532

A weakness has been identified in itsourcecode Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /departmentDoctor.php. This manipulation of the argument deptid causes sql injection. It is possible to initiate the attack remotely. The exploit h...

6.5CVSS0.00204EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 4:16 a.m.7 views

CVE-2026-13531

A security flaw has been discovered in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /department.php. The manipulation of the argument editid results in sql injection. The attack may be performed from remote. The exploit has been released to the public a...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 4:16 a.m.9 views

CVE-2026-13529

A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injection. The attack can be executed remotely. A high complexity level is associated with this attack...

6.3CVSS0.00239EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 4:16 a.m.8 views

CVE-2026-13528

A vulnerability was found in YunaiV/zhijiantianya ruoyi-vue-pro up to 2026.04-jdk8-SNAPSHOT. The impacted element is the function generateUploadPath of the file yudao-module-infra/src/main/java/cn/iocoder/yudao/module/infra/service/file/FileServiceImpl.java of the component AppFileController File...

7.5CVSS0.00447EPSS
Exploits0References8
NVD
NVD
added 2026/06/29 4:16 a.m.8 views

CVE-2026-13530

A vulnerability was identified in itsourcecode Hospital Management System 1.0. This impacts an unknown function of the file /appointmentdetail.php of the component Appointment Handler. The manipulation of the argument editid leads to sql injection. The attack is possible to be carried out remotel...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 4:16 a.m.8 views

CVE-2026-13527

A vulnerability has been found in SourceCodester Class and Exam Timetabling System 1.0. The affected element is an unknown function of the file /preview4.php. Such manipulation of the argument courseyearsection leads to sql injection. The attack may be launched remotely. The exploit has been...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 3:16 a.m.11 views

CVE-2026-13525

A vulnerability was detected in CodeAstro Human Resource Management System 1.0. This issue affects the function emselectByCode of the file application/models/Employeemodel.php of the component UpdateEarnLeave Endpoint. The manipulation of the argument emid results in sql injection. The attack can...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 3:16 a.m.9 views

CVE-2026-13526

A flaw has been found in SourceCodester Class and Exam Timetabling System 1.0. Impacted is an unknown function of the file /editclass.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used...

7.5CVSS0.00263EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 3:16 a.m.9 views

CVE-2026-13524

A security vulnerability has been detected in CherryHQ cherry-studio up to 1.9.6. This vulnerability affects unknown code of the file src/main/services/mcp/oauth/callback.ts of the component MCP OAuth Local Callback Server. The manipulation of the argument code leads to improper authorization. Th...

6.3CVSS0.00264EPSS
Exploits0References7
NVD
NVD
added 2026/06/29 3:16 a.m.7 views

CVE-2026-13523

A weakness has been identified in GPAC up to 26.02.0. This affects an unknown part of the file src/utils/baseencoding.c of the component ISOBMFF Parser. Executing a manipulation can lead to highly compressed data. The attack needs to be launched locally. The exploit has been made available to the...

4.8CVSS0.00112EPSS
Exploits0References8
NVD
NVD
added 2026/06/29 2:16 a.m.7 views

CVE-2026-13520

A vulnerability was determined in itsourcecode Hospital Management System 1.0. Affected is an unknown function of the file /appointmentapproval.php of the component Appointment Handler. This manipulation of the argument editid causes sql injection. The attack is possible to be carried out remotel...

6.5CVSS0.002EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 2:16 a.m.10 views

CVE-2026-13522

A security flaw has been discovered in Investintech SlimPDFReader up to 2.0.14. Affected by this issue is the function SlimPDFReader!Investintech::PCV::TeighaDo+0x25cde0 of the file SlimPDFReader.exe of the component PDF File Handler. Performing a manipulation results in out-of-bounds read. It is...

5.3CVSS0.00293EPSS
Exploits0References4
NVD
NVD
added 2026/06/29 2:16 a.m.8 views

CVE-2026-13521

A vulnerability was identified in SourceCodester Class and Exam Timetabling System 1.0/5.php. Affected by this vulnerability is an unknown functionality of the file /preview5.php. Such manipulation of the argument courseyearsection leads to sql injection. The attack may be performed from remote...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 2:16 a.m.8 views

CVE-2026-13519

A vulnerability was found in Tenda JD12L 16.03.53.23. This impacts the function fromNatStaticSetting of the file /goform/NatStaticSetting. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could ...

9CVSS0.00466EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 1:16 a.m.10 views

CVE-2026-13517

A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security5g can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publishe...

9CVSS0.00466EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 1:16 a.m.9 views

CVE-2026-13518

A vulnerability has been found in Tenda JD12L 16.03.53.23. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been disclosed to the publ...

9CVSS0.00466EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 12:16 a.m.9 views

CVE-2026-13513

A security flaw has been discovered in MyScale MyScaleDB up to 1.8.0. This vulnerability affects the function SegmentId::getCacheKey in the library src/VectorIndex/Common/SegmentId.h. The manipulation results in insufficient verification of data authenticity. It is possible to launch the attack...

5CVSS0.00133EPSS
Exploits0References7
NVD
NVD
added 2026/06/29 12:16 a.m.10 views

CVE-2026-13515

A security vulnerability has been detected in Tenda JD12L 16.03.53.23. Impacted is the function formSetPPTPServer of the file /goform/SetPptpServerCfg. Such manipulation of the argument startIp leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclos...

9CVSS0.00476EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 12:16 a.m.10 views

CVE-2026-13514

A weakness has been identified in Chess Play and Learn App up to 4.9.42 on Android. This issue affects some unknown processing of the file AndroidManifest.xml of the component com.chess. This manipulation causes exposure of backup file to an unauthorized control sphere. It is feasible to perform...

2.4CVSS0.00133EPSS
Exploits0References6
NVD
NVD
added 2026/06/29 12:16 a.m.10 views

CVE-2026-13516

A vulnerability was detected in Tenda JD12L 16.03.53.23. The affected element is the function fromSetWifiGusetBasic of the file /goform/WifiGuestSet. Performing a manipulation of the argument shareSpeed results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is n...

9CVSS0.00466EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 11:16 p.m.10 views

CVE-2026-13512

A vulnerability was identified in Databend up to 1.2.881 on HTTP. This affects the function ClientSessionManager::statekey of the file src/query/service/src/servers/http/v1/session/clientsessionmanager.rs of the component Tenant Handler. The manipulation leads to authorization bypass. It is...

6.5CVSS0.0022EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 11:16 p.m.11 views

CVE-2026-13511

A vulnerability was determined in VoltAgent up to 2.1.17. Affected by this issue is the function handleGetMemoryConversation of the file packages/server-core/src/handlers/memory.handlers.ts of the component Memory REST API. Executing a manipulation of the argument conversationId can lead to...

3.1CVSS0.0022EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 11:16 p.m.11 views

CVE-2026-13510

A vulnerability was found in SimStudioAI sim up to 0.6.92. Affected by this vulnerability is an unknown functionality in the library apps/sim/lib/core/security/deployment.ts of the component Password Protection Handler. Performing a manipulation results in use of weak hash. The attack is possible...

6.3CVSS0.00216EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 10:16 p.m.10 views

CVE-2026-13508

A flaw has been found in khoj-ai khoj up to 2.0.0-beta.28. This impacts an unknown function of the file src/khoj/routers/apichat.py of the component Conversation Sharing Handler. This manipulation of the argument conversation.agent causes incorrect authorization. Remote exploitation of the attack...

6.5CVSS0.00165EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 10:16 p.m.7 views

CVE-2026-13509

A vulnerability has been found in RAGapp up to 0.1.5. Affected is the function FileHandler.uploadfile/FileHandler.removefile of the file src/ragapp/backend/controllers/files.py of the component Knowledge File Handler. Such manipulation leads to path traversal. The attack can be executed remotely...

6.5CVSS0.00294EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 10:16 p.m.7 views

CVE-2026-13507

A vulnerability was detected in volcengine OpenViking up to 0.3.21. This affects the function strtouint64 of the file openviking/storage/vectordb/utils/strtouint64.py of the component Local VectorDB Primary-key Label Handler. The manipulation of the argument ID results in insufficient verificatio...

5CVSS0.00138EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 7:16 p.m.13 views

CVE-2026-49048

The Joomla extension JoomCCK exposes a front-end controller task, that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterisation...

9.8CVSS0.00505EPSS
Exploits1References1
NVD
NVD
added 2026/06/28 4:16 p.m.11 views

CVE-2026-13504

A vulnerability has been found in code-projects Project Management System 1.0. This vulnerability affects unknown code of the file /mail.php of the component Mail Compose Page. Such manipulation leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed...

5.1CVSS0.00203EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 4:16 p.m.10 views

CVE-2026-13503

A vulnerability was detected in antlr ANTLR4 up to 4.13.2. Affected by this issue is the function getImportedVocabFile of the file tool/src/org/antlr/v4/parse/TokenVocabParser.java of the component tokenVocab Grammar Option Handler. The manipulation results in path traversal. The attack can be...

6.9CVSS0.0055EPSS
Exploits0References5
NVD
NVD
added 2026/06/28 3:16 p.m.11 views

CVE-2026-13502

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS0.00091EPSS
Exploits0References5
NVD
NVD
added 2026/06/28 3:16 p.m.11 views

CVE-2026-13501

A security vulnerability has been detected in antlr ANTLR4 up to 4.13.2. Affected by this vulnerability is the function GoTarget of the file tool/src/org/antlr/v4/codegen/target/GoTarget.java of the component gofmt. The manipulation leads to command injection. The attack can only be performed fro...

5.3CVSS0.00678EPSS
Exploits0References5
NVD
NVD
added 2026/06/28 3:16 p.m.13 views

CVE-2026-13500

A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of the component Grammar Action Block Handler. Executing a manipulation can lead to code injection. The attack may be launched remotely. The...

7.5CVSS0.00311EPSS
Exploits0References5
NVD
NVD
added 2026/06/28 2:16 p.m.10 views

CVE-2026-13499

A security flaw has been discovered in yashpokharna2555 restaurent-management-system. This impacts an unknown function of the file loginregister.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting. The attack may be initiat...

5.3CVSS0.00278EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 1:16 p.m.7 views

CVE-2026-13498

A vulnerability was identified in yashpokharna2555 restaurent-management-system. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection. The attack can be launched remotely. The explo...

7.5CVSS0.00269EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 1:16 p.m.10 views

CVE-2026-13496

A vulnerability was found in itsourcecode Hospital Management System 1.0. The affected element is an unknown function of the file /ajaxmedicine.php. The manipulation of the argument medicineid results in sql injection. It is possible to launch the attack remotely. The exploit has been made public...

6.5CVSS0.00204EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 1:16 p.m.8 views

CVE-2026-13497

A vulnerability was determined in itsourcecode Hospital Management System 1.0. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and...

6.5CVSS0.00204EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 1:16 p.m.9 views

CVE-2026-13495

A vulnerability has been found in itsourcecode Hospital Management System 1.0. Impacted is an unknown function of the file /adminprofile.php. The manipulation of the argument loginid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the publ...

5.8CVSS0.00214EPSS
Exploits0References6
NVD
NVD
added 2026/06/28 1:16 p.m.9 views

CVE-2026-13493

A flaw has been found in AIDC-AI ComfyUI-Copilot up to 2.0.28. This issue affects some unknown processing of the file backend/controller/conversationapi.py of the component Workflow Checkpoint Restore Handler. Executing a manipulation can lead to improper control of resource identifiers. The atta...

3.1CVSS0.00232EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 12:17 p.m.9 views

CVE-2026-13490

A security vulnerability has been detected in glpi-project glpi 11.0.5/11.0.6/11.0.7. This affects the function Document::canViewFile of the file front/document.send.php of the component Document Handler. Such manipulation of the argument docid leads to authorization bypass. The attack can be...

6.3CVSS0.00309EPSS
Exploits0References4
NVD
NVD
added 2026/06/28 12:17 p.m.8 views

CVE-2026-13489

A weakness has been identified in 78 xiaozhi-esp32 up to 2.2.6. Affected by this issue is the function ParseMessage of the file main/mcpserver.cc of the component MCP Response Handler. This manipulation causes improper synchronization. Remote exploitation of the attack is possible. The attack's...

3.1CVSS0.00228EPSS
Exploits0References7
NVD
NVD
added 2026/06/28 12:17 p.m.10 views

CVE-2026-13491

A vulnerability was detected in 78 xiaozhi-esp32 up to 2.2.6. This vulnerability affects the function Application::GetInstance of the file main/protocols/mqttprotocol.cc of the component MQTT Goodbye Handler. Performing a manipulation of the argument sessionid results in denial of service. The...

6.3CVSS0.00411EPSS
Exploits0References8
Total number of security vulnerabilities363650