| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-25732 | high | 8.2 | 8.2 | | | | 2d ago | PHP EI-Tube Script 3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search parameter. Attackers… |
| CVE-2019-25731 | high | 7.2 | 7.2 | | | | 2d ago | Zuz Music 2.1 contains a persistent cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious JavaScript by submitting crafted contact form data. Attackers can inje… |
| CVE-2019-25730 | high | 8.2 | 8.2 | | | | 2d ago | Listing Hub CMS 1.0 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can s… |
| CVE-2019-25729 | critical | 9.8 | 9.8 | | | | 2d ago | PDF Signer 3.0 contains a server-side template injection vulnerability that allows unauthenticated attackers to execute arbitrary code by injecting PHP commands through the CSRF-TOKEN cookie paramete… |
| CVE-2019-25728 | high | 8.2 | 8.2 | | | | 2d ago | Care2x 2.7 contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to execute arbitrary SQL commands by manipulating the ck_config cookie parameter. Attackers can inject … |
| CVE-2019-25727 | critical | 9.8 | 9.8 | | | | 2d ago | WordPress Plugin ad manager wd 1.0.11 contains an arbitrary file download vulnerability that allows unauthenticated attackers to download sensitive files by manipulating the path parameter. Attackers… |
| CVE-2019-25726 | high | 8.2 | 8.2 | | | | 2d ago | All in One Video Downloader 1.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. At… |
| CVE-2026-44486 | unknown | — | — | | | | 2d ago | Axios: Proxy-Authorization header leaks to redirect target when proxy is re-evaluated to direct connection |
| CVE-2026-4104 | critical | 9.8 | 9.8 | | | | 2d ago | Authorization bypass through User-Controlled SQL primary key vulnerability in Akmer Informatics Automation Industry and Trade Ltd. Co. TeknoPass allows SQL Injection. This issue affects TeknoPass: f… |
| CVE-2026-45432 | unknown | — | — | | | | 2d ago | This vulnerability exists in GX Earth ONT models due to the transmission of user credentials in plaintext over HTTP in its web management interface. A remote attacker could exploit this vulnerability… |
| CVE-2026-45431 | unknown | — | — | | | | 2d ago | This vulnerability exists in GX Earth ONT models due to improper handling of user-supplied input in multiple diagnostic functions in its web management interface. An authenticated remote attacker cou… |
| CVE-2026-10843 | high | 7.2 | 7.2 | | | | 2d ago | A flaw was found in the OpenShift Cloud Credential Operator Mint-mode IAM policies for AWS. Operator credentials are provisioned with account-wide scope for destructive actions rather than being rest… |
| CVE-2026-10840 | critical | 9.6 | 9.6 | | | | 2d ago | A flaw was found in the OpenShift Pipelines operator. The tekton-scheduler-rolebinding ClusterRoleBinding grants the system:authenticated group write access to Kueue and cert-manager custom resources… |
| CVE-2026-10804 | low | 3.6 | 3.6 | | | | 2d ago | A vulnerability has been found in Streamlit up to 1.53.0. Impacted is an unknown function in the library lib/streamlit/runtime/caching/hashing.py of the component Palette Handler. Such manipulation l… |
| CVE-2026-10803 | low | 3.6 | 3.6 | | | lfprojects | 2d ago | A flaw has been found in MLflow up to 3.10.0. This issue affects the function mlflow.data.digest_utils of the file mlflow/data/digest_utils.py of the component Dataset Digest Computation. This manipu… |
| CVE-2025-52612 | high | 8.8 | 8.8 | | | hcltech | 2d ago | HCL iControl was affected by Export CSV - CSV Injection vulnerability. It is vulnerable to a reflected cross-site scripting vulnerability. This was caused by an insufficient sanitation of input param… |
| CVE-2025-12694 | unknown | — | — | | | | 2d ago | A local privilege escalation vulnerability exists in Forcepoint VPN Client that allows a local non-administrative user to escalate privileges to SYSTEM. This issue affects VPN Client for Windows: ver… |
| CVE-2026-10801 | low | 3.6 | 3.6 | | | | 2d ago | A security vulnerability has been detected in modelscope ms-swift up to 4.2.0. This affects the function Template._save_pil_image of the file swift/template/base.py of the component PIL Image Cache K… |
| CVE-2026-50226 | unknown | — | — | | | | 2d ago | Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extra… |
| CVE-2026-50225 | unknown | — | — | | | | 2d ago | The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database. |
| CVE-2026-50224 | unknown | — | — | | | | 2d ago | The web administration panel binds broadly to the public IPv6 address space on port [::]:8080 without default firewall limits, making internal API endpoints reachable over the WAN. |
| CVE-2026-50214 | unknown | — | — | | | | 2d ago | The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans. |
| CVE-2026-4881 | unknown | — | — | | | | 2d ago | In affected versions of Octopus Server, permissions were not checked correctly resulting in any authenticated user being able to make server level changes using a certain API endpoint despite receivi… |
| CVE-2026-49771 | high | 7.6 | 7.6 | | | | 2d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in 10Web Photo Gallery by 10Web allows Blind SQL Injection. This issue affects Photo Gallery by 10W… |
| CVE-2026-10800 | low | 3.6 | 3.6 | | | | 2d ago | A weakness has been identified in PaddlePaddle FastDeploy up to 2.4.1. Affected by this issue is the function hash_features of the file fastdeploy/multimodal/hasher.py of the component MultimodalHash… |
| CVE-2026-50213 | high | 7.5 | 7.5 | | | acer | 2d ago | The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings. |
| CVE-2026-50211 | critical | 9.8 | 9.8 | | | acer | 2d ago | Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers. |
| CVE-2026-50210 | high | 7.5 | 7.5 | | | acer | 2d ago | The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making it susceptible to replay attacks and known-plaintext decryption. |
| CVE-2026-50209 | high | 7.8 | 7.8 | | | acer | 2d ago | Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker. |
| CVE-2026-50208 | critical | 9.4 | 9.4 | | | acer | 2d ago | High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic. |
| CVE-2026-50207 | high | 7.8 | 7.8 | | | acer | 2d ago | The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity. |
| CVE-2026-3820 | high | 7.2 | 7.2 | | | | 2d ago | There is a vulnerability in the Supermicro BMC SMTP service at Supermicro AS-2115HS-TNR. An attacker may obtain administrator privileges and inject specially crafted characters into the SMTP servic… |
| CVE-2026-50205 | high | 8.2 | 8.2 | | | acer | 2d ago | System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data. |
| CVE-2026-49203 | high | 8.3 | 8.3 | | | acer | 2d ago | Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted. |
| CVE-2026-49202 | high | 8.6 | 8.6 | | | acer | 2d ago | Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft. |
| CVE-2026-49194 | high | 8.8 | 8.8 | | | acer | 2d ago | The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface. |
| CVE-2026-49193 | high | 7.5 | 7.5 | | | acer | 2d ago | Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet. |
| CVE-2026-49191 | critical | 9.8 | 9.8 | | | acer | 2d ago | The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages. |
| CVE-2026-49190 | high | 8.8 | 8.8 | | | acer | 2d ago | The system fails to evaluate instructional permissions over multiple internal operation codes (opcodes), permitting unauthorized application installations or command executions. |
| CVE-2026-49189 | high | 7.8 | 7.8 | | | acer | 2d ago | Unchecked public access permissions on a core Broadcast Receiver allow unauthorized local software components to invoke administrative operations. |
| CVE-2026-49186 | critical | 9.8 | 9.8 | | | acer | 2d ago | The local MQTT broker does not enforce topic-level Access Control Lists (ACLs). This allows any client to subscribe using wildcard characters (# or +) to enumerate hidden network devices or publish r… |
| CVE-2026-49185 | critical | 9.8 | 9.8 | | | acer | 2d ago | The FieldX MDM adb messaging topic passes unverified payloads directly into Runtime.exec(), allowing command/instruction injection. |
| CVE-2026-48681 | high | 8.1 | 8.1 | | debian | openstack | 2d ago | OpenStack Ironic before 35.0.2 allows file overwrite via directory traversal during deployment with a crafted ISO image. |
| CVE-2026-41283 | critical | 9.9 | 9.9 | | debian | | 2d ago | OpenStack Mistral through 22.0.0 allows Arbitrary Remote Code Execution when the API is exposed. There are endpoints that allow code execution, which can lead to exfiltration of service credentials. |
| CVE-2026-41010 | high | 8.2 | 8.2 | | | | 2d ago | ReleaseJob#unpack builds job_dir = File.join(@release_dir, 'jobs', name) and job_tgz = File.join(@release_dir, 'jobs', "#{name}.tgz") where name returns @job_meta['name'], a value taken verbatim from… |
| CVE-2026-49188 | critical | 9.8 | 9.8 | | | acer | 2d ago | The ai_cmd utility executes with full root permissions. It pipes socket inputs directly to popen(), paving the way for unauthenticated users to execute arbitrary root commands. |
| CVE-2026-49187 | high | 7.5 | 7.5 | | | acer | 2d ago | The hard-coded APK resource files never expire, and the shared scepter leads to information leaks and potential misuse. |
| CVE-2026-8829 | high | 7.5 | 7.5 | FIX | sles debian | | 2d ago | HTML::Entities versions before 3.84 for Perl read freed heap memory in _decode_entities. The XS routine backing HTML::Entities::_decode_entities cached a pointer (repl) into the entity-value SV retu… |
| CVE-2026-41860 | high | 8.8 | 8.8 | | | | 2d ago | CWE-326 in BOSH allows a local attacker to steal Basic-auth credentials or redirect UAA token requests via MITM. HttpRequestHelper#create_async_endpoint and #send_http_get_request_synchronous hard-co… |
| CVE-2026-41859 | high | 7.8 | 7.8 | | | | 2d ago | A network man-in-the-middle between nats-sync and the BOSH director can steal the director credentials (Basic auth header or UAA client secret) and can tamper with the VM list that is written into th… |
| CVE-2026-41011 | high | 8.2 | 8.2 | | | | 2d ago | PackagePersister.validate_tgz builds "tar -tf #{tgz} 2>&1" where tgz = File.join(release_dir, 'packages', "#{name}.tgz") and name = package_meta['name'] comes directly from release.MF inside the uplo… |
| CVE-2026-10737 | high | 7.5 | 7.5 | | | | 2d ago | The SP Project & Document Manager plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the view_file function in all versions up to, and including, 4.71. Thi… |
| CVE-2026-10783 | low | 2.5 | 2.5 | | | | 3d ago | A security flaw has been discovered in gradio-app gradio 6.14.0. This affects the function save_audio_to_cache of the component Audio Cache Key Handler. Performing a manipulation results in use of we… |
| CVE-2026-2596 | unknown | — | — | | | | 3d ago | Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. |
| CVE-2026-10777 | high | 7.3 | 7.3 | | | | 3d ago | A vulnerability was identified in ealpha072 Student-Management-System up to 01451bd7a2f58cdda07bd0b86e3967582e3ecd08. Affected by this issue is some unknown functionality of the file admin/config.php… |
| CVE-2026-10775 | low | 3.6 | 3.6 | | | | 3d ago | A vulnerability was determined in sgl-project SGLang up to 0.5.11. Affected by this vulnerability is the function data_hash of the component Cache Handler. This manipulation causes denial of service.… |
| CVE-2026-46447 | high | 7.7 | 7.7 | | debian | openstack | 3d ago | OpenStack Ironic before 35.0.2 allows Boot Script Injection of an iPXE script if the attacker can set node.driver_info or node.instance_info. |
| CVE-2026-22055 | unknown | — | — | | | | 3d ago | Active IQ OneCollect version 2.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. |
| CVE-2026-22054 | unknown | — | — | | | | 3d ago | Active IQ Config Advisor version 6.7.3 contains hard-coded credentials that could allow an authenticated attacker with low privileges to perform unauthorized AutoSupport operations. |
| CVE-2026-10771 | high | 7.3 | 7.3 | | | | 3d ago | A vulnerability was found in crmeb crmeb_java 1.4. Affected is the function RestTemplate.getForEntity of the file crmeb-common/src/main/java/com/zbkj/common/utils/RestTemplateUtil.java of the compone… |
| CVE-2026-44182 | unknown | — | — | | | | 3d ago | Jupyter Enterprise Gateway: Kubernetes Manifest Injection in Jinja2 Template Rendering |
| CVE-2026-44181 | unknown | — | — | | | | 3d ago | Jupyter Enterprise Gateway: Jinja2 Template Server Side Template Injection resulting in Remote Code Execution |
| CVE-2026-44180 | unknown | — | — | | | | 3d ago | Jupyter Enterprise Gateway: ContainerProcessProxy._enforce_prohibited_ids Bypass |
| CVE-2026-44023 | unknown | — | — | | | | 3d ago | Docling Core: Unsafe remote filename resolution |
| CVE-2026-44019 | unknown | — | — | | | | 3d ago | Docling Core: Insufficient validation of image reference URIs |
| CVE-2026-47214 | unknown | — | — | | | | 3d ago | Docling: Unsafe URI and Path Handling in HTML Backend |
| CVE-2026-44022 | unknown | — | — | | | | 3d ago | Docling: Potential Path Traversal via LaTeX \includegraphics and \input Commands |
| CVE-2026-44020 | unknown | — | — | | | | 3d ago | Docling: Unsafe XML Entity Expansion in USPTO Patent Backend |
| CVE-2026-44018 | unknown | — | — | | | | 3d ago | Docling: Unsafe Archive Extraction and XML Parsing in METS-GBS Backend |
| CVE-2026-44016 | unknown | — | — | | | | 3d ago | Docling: Unsafe Playwright-based HTML Rendering |
| CVE-2026-43980 | unknown | — | — | | | | 3d ago | malla: Stored XSS via Meshtastic node names in multiple frontend pages |
| CVE-2026-41234 | high | 7.6 | 7.6 | | | | 3d ago | Froxlor is open source server administration software. Prior to version 2.3.7, the `DomainZones.add` API endpoint does not sanitize newline characters in TXT record content. An authenticated customer… |
| CVE-2026-40898 | high | 7.5 | 7.5 | | debian | quic-go_project | 3d ago | quic-go is an implementation of the QUIC protocol in Go. Prior to version 0.59.1, an attacker can cause excessive memory allocation in quic-go's HTTP/3 client and server implementations by sending a … |
| CVE-2026-50033 | high | 7.3 | 7.3 | | | | 3d ago | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. |
| CVE-2026-44682 | high | 7.3 | 7.3 | | | | 3d ago | Local privilege escalation due to DLL hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. |
| CVE-2026-44609 | high | 7.3 | 7.3 | | | | 3d ago | Local privilege escalation due to EXE hijacking vulnerability. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. |
| CVE-2026-43924 | unknown | — | — | | | | 3d ago | FOSSBilling is a free, open-source billing and client management system. Prior to version 0.8.0, the Redirect module does not validate the URL scheme of administrator-configured destination URLs befo… |
| CVE-2026-42061 | high | 7.3 | 7.3 | | | | 3d ago | Local privilege escalation due to excessive permissions assigned to child processes. The following products are affected: Acronis DeviceLock DLP (Windows) before build 9.0.15051.93227. |
| CVE-2026-40495 | unknown | — | — | | | | 3d ago | FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 leak the exact system version through asset cache buster parameters in HTML output, bypassing the `hid… |
| CVE-2026-10766 | low | 3.6 | 3.6 | | | | 3d ago | A vulnerability has been found in mlrun up to 1.12.0-rc3. This impacts the function mlrun.utils.helpers.calculate_dataframe_hash of the file mlrun/utils/helpers.py of the component DataFrame Hash Han… |
| CVE-2026-44017 | unknown | — | — | | | | 3d ago | Docling: Unsafe Zip Extraction in EasyOCR Model Download |
| CVE-2026-8889 | high | 7.5 | 7.5 | | | securly | 3d ago | Version 3.0.7 of the Securly Chrome Extension uses deprecated SHA-1 hashing for IWF CSAM URL matching (25,020 hashes) and CIPA blocklist matching (12,352 hashes). |
| CVE-2026-8888 | high | 7.5 | 7.5 | | | securly | 3d ago | Version 3.0.7 of the Securly Chrome Extension downloads config.json over HTTP and compiles server-provided patterns as JavaScript regular expressions via new RegExp() without complexity validation. A… |
| CVE-2026-8881 | high | 7.5 | 7.5 | | | securly | 3d ago | Version 3.0.7 of the Securly Chrome Extension uses EVP_BytesToKey key derivation with MD5 and a single iteration for AES encryption. MD5 has been broken since 2004 and a single iteration provides no … |
| CVE-2026-8879 | high | 7.5 | 7.5 | | | securly | 3d ago | Version 3.0.7 of the Securly Chrome Extension dynamically registers content13.min.js as a content script via chrome.scripting.registerContentScripts() at runtime. This script is NOT declared in manif… |
| CVE-2026-8878 | high | 7.5 | 7.5 | | | securly | 3d ago | Version 3.0.7 of the Securly Chrome Extension exposes multiple publicly accessible endpoints that allow unauthenticated access to sensitive data. The exposed information consists of SHA-1 hashes that… |
| CVE-2026-8876 | high | 7.3 | 7.3 | | | securly | 3d ago | Version 3.0.7 of the Securly Chrome Extension contains hardcoded, plaintext AES passphrases in securly.min.js. These keys decrypt crisis alert keyword data and intervention site data. |
| CVE-2026-8874 | high | 7.1 | 7.1 | | | securly | 3d ago | Version 3.0.7 of the Securly Chrome Extension downloads JSON files containing crisis alert keywords and filtering rules over unencrypted HTTP via the Fetch API. Other endpoints in the same extension … |
| CVE-2026-7888 | unknown | — | — | | | | 3d ago | Concrete CMS below 9.5.2 is vulnerable to PHP Object Injection via unserialize() calls in the Workflow, Form block, and File/Set components that lack the allowed_classes restriction. An unauthenticat… |
| CVE-2026-42840 | unknown | — | — | | | | 3d ago | An authenticated user can persist arbitrary HTML/JavaScript in the email_id or mobile_no fields of a Customer record and trigger unescaped rendering in the Point of Sale (POS) interface for every ope… |
| CVE-2026-42839 | unknown | — | — | | | | 3d ago | An authenticated ERPNext user with Item record edit permissions can persist arbitrary HTML/JavaScript in the item_name, description, or image fields of an Item and trigger unescaped rendering in the … |
| CVE-2026-40290 | high | 7.8 | 7.8 | | debian | | 3d ago | OP-TEE is a Trusted Execution Environment (TEE) designed as companion to a non-secure Linux kernel running on Arm; Cortex-A cores using the TrustZone technology. Starting in version 3.16.0 and prior … |
| CVE-2026-46273 | high | 8.6 | 8.6 | FIX | debian sles windows | | 3d ago | In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters on Power systems do not support segmentation offload when … |
| CVE-2026-44281 | unknown | — | — | | | | 3d ago | GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, an authenticated user with config READ permission can read a specific asset… |
| CVE-2026-42321 | unknown | — | — | | | | 3d ago | GLPI is a free asset and IT management software package. Starting in version 10.0.4 and prior to version 10.0.25, a technician can store an XSS payload in the asset locked tab. Upgrade to 10.0.25 or … |
| CVE-2026-42320 | unknown | — | — | | | | 3d ago | GLPI is a free asset and IT management software package. Starting in version 0.50 and prior to versions 10.0.25 and 11.0.7, a technician can read arbitrary files inside the GLPI_DOC_DIR. Upgrade to 1… |
| CVE-2026-42318 | unknown | — | — | | | | 3d ago | GLPI is a free asset and IT management software package. Starting in version 9.5.0 and prior to versions 10.0.25 and 11.0.7, low privilege users with access to planning can delete any object in GLPI.… |
| CVE-2026-42317 | unknown | — | — | | | | 3d ago | GLPI is a free asset and IT management software package. Starting in version 0.78 and prior to versions 10.0.25 and 11.0.7, a technician can delete arbitrary files from the filesystem as long as the … |
| CVE-2026-3276 | unknown | — | — | | sles debian | | 3d ago | unicodedata.normalize() can take excessive CPU time when processing specially crafted Unicode input containing long runs of combining characters with alternating Canonical Combining Class values. Thi… |
| CVE-2026-37462 | high | 7.5 | 7.5 | FIX | debian | | 3d ago | An integer underflow in the BGPUpdate.DecodeFromBytes function (/bgp/bgp.go) of gobgp v4.3.0 allows attackers to cause a Denial of Service (DoS) via supplying a crafted BGP UPDATE message. |
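The two BOSH rows above (CVE-2026-41010 and CVE-2026-41011) describe the same root cause from two angles: a package or job `name` read verbatim from `release.MF` is passed to `File.join` (path traversal) and then interpolated into a `"tar -tf #{tgz} 2>&1"` string handed to the shell (command injection). The Ruby below is an added example written for this page, not BOSH's own code: it reproduces the vulnerable shape the descriptions quote and places a hardened version beside it. The release directory, the sample names, and the helper names (`vulnerable_tar_command`, `safe_name?`, `contained_path`, `safe_tar_argv`, `list_tgz`) are all assumptions made for illustration.

```ruby
require 'shellwords'
require 'open3'

# Added example, not BOSH code. Models the pattern quoted in the
# CVE-2026-41010 / CVE-2026-41011 descriptions: a name taken verbatim from
# release.MF flows into File.join and then into a shell command string.

# Constructed sample release.MF names (not from any real release).
SAMPLE_NAMES = [
  'nginx',                        # benign
  '../../etc/cron.d/evil',        # escapes the release dir via File.join
  'x.tgz; id > /tmp/pwned #',     # shell metacharacters reach the shell
].freeze

# Vulnerable shape, as described on the page: name is neither validated nor
# quoted, and the resulting string is parsed by /bin/sh.
def vulnerable_tar_command(release_dir, name)
  tgz = File.join(release_dir, 'packages', "#{name}.tgz")
  "tar -tf #{tgz} 2>&1"
end

# Hardened version, three independent layers:
#   1. allow-list the name (no separators, no metacharacters, no '..'),
#   2. confirm the joined path still lives under the release directory,
#   3. invoke tar with an argv array so no shell ever parses the filename.
SAFE_NAME = /\A[A-Za-z0-9][A-Za-z0-9_.-]{0,127}\z/

def safe_name?(name)
  name.is_a?(String) && name.match?(SAFE_NAME) && !name.include?('..')
end

# Returns the absolute path if it is inside release_dir, otherwise nil.
def contained_path(release_dir, *parts)
  base = File.expand_path(release_dir)
  path = File.expand_path(File.join(base, *parts))
  path.start_with?(base + File::SEPARATOR) ? path : nil
end

def safe_tar_argv(release_dir, name)
  raise ArgumentError, "invalid package name: #{name.inspect}" unless safe_name?(name)
  tgz = contained_path(release_dir, 'packages', "#{name}.tgz")
  raise ArgumentError, 'package path escapes release dir' unless tgz
  ['tar', '-tf', tgz]
end

# Runs the argv form without a shell. Returns [combined output, success?].
def list_tgz(release_dir, name)
  out, status = Open3.capture2e(*safe_tar_argv(release_dir, name))
  [out, status.success?]
end

if __FILE__ == $PROGRAM_NAME
  SAMPLE_NAMES.each do |n|
    puts "vulnerable: #{vulnerable_tar_command('/tmp/release', n)}"
    begin
      puts "hardened:   #{Shellwords.join(safe_tar_argv('/tmp/release', n))}"
    rescue ArgumentError => e
      puts "hardened:   rejected (#{e.message})"
    end
  end
end
```

The allow-list is the primary control; `contained_path` is belt-and-braces in case the allow-list is ever loosened, and the argv form means that even a name that slipped through both would be passed to `tar` as a single literal argument rather than re-parsed by a shell.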