VIR Vulnerability Intelligence Relay

Search

Found 745 results in 82ms · Match type: Filtered list

Severitycriticalhighmediumlowunknown
0
KEVHas exploit
Reset
CVE Severity CVSS Risk Flags OS Vendor Published Description
CVE-2026-10112 low 2.4 2.4 6d ago A vulnerability has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. Affected is an unknown function of the component Dashboard Page. The manipulation of the argument Name leads to cross site s…
CVE-2026-10111 high 7.3 7.3 6d ago A flaw has been found in sambitraj STUDENT-MANAGEMENT-SYSTEM 1.0. This impacts an unknown function of the component Login Page. Executing a manipulation of the argument email can lead to sql injectio…
CVE-2026-10110 high 7.3 7.3 6d ago A vulnerability was detected in code-projects Student Details Management System 1.0. This affects an unknown function of the file /index.php. Performing a manipulation of the argument roll results in…
CVE-2026-47201 high 8.5 8.5 goauthentik 7d ago authentik's XML Signature Wrapping in SAML Source ACS allows authentication as arbitrary federated user
CVE-2026-48557 high 8.8 8.8 7d ago Spatie Laravel Media Library before version 11.23.0 contains a file upload restriction bypass in FileAdder::defaultSanitizer(). The sanitizer checks only the final filename suffix, allowing double-ex…
CVE-2026-47123 high 7.5 7.5 7d ago FreeScout is a free help desk and shared inbox built with PHP's Laravel framework. Prior to 1.8.220, the email processing pipeline in FreeScout's FetchEmails command has two code paths for identifyin…
CVE-2026-46599 high 7.5 7.5 debian debian 7d ago The TIFF decoder does not place a limit on the size of PackBits-compressed data. A maliciously-crafted image can exploit this to cause a small image (both in terms of pixel width/height and encoded s…
CVE-2026-46527 high 7.5 7.5 debian debian sles yhirose 7d ago cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, When the server has called Server::set_trusted_proxies() with a non-empty trusted-proxy list, an att…
CVE-2026-45700 critical 9.8 9.8 FIX debian debian sles freerdp 7d ago FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's planar bitmap decoder has an out-of-bounds heap write when decoding RLE planar data. In libfreerdp/codec/pl…
CVE-2026-45372 critical 9.9 9.9 debian debian sles yhirose 7d ago cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.44.0, when cpp-httplib's server parses an incoming request, it applies percent-decoding to every header va…
CVE-2026-44422 high 7.5 7.5 FIX debian debian sles freerdp 7d ago FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, FreeRDP's RDPEAR NDR parser accepts one non-null NDR pointer ref-id for multiple logical pointer fields without track…
CVE-2026-44421 high 8.8 8.8 FIX debian debian sles freerdp 7d ago FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client by sending crafted RDPGFX PDUs.…
CVE-2026-44420 high 8.8 8.8 FIX debian debian sles freerdp 7d ago FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.26.0, a malicious RDP client can trigger a heap-buffer-overflow write in FreeRDP's server-side clipboard (cliprdr) channel …
CVE-2026-44285 high 7.7 7.7 7d ago FastGPT is an AI Agent building platform. Prior to 4.15.0-beta1, a Server-Side Request Forgery (SSRF) vulnerability allows an authenticated attacker to bypass the global isInternalAddress network pro…
CVE-2026-9051 critical 9.1 9.1 7d ago There is an authentication bypass vulnerability in the NI SystemLink Enterprise Dashboard application that may allow an unauthenticated remote attacker to bypass authentication controls leading to pr…
CVE-2026-49383 low 3.3 3.3 jetbrains 7d ago In JetBrains IntelliJ IDEA before 2026.1 xXE in the UI Designer form parser was possible
CVE-2026-49382 high 7.8 7.8 jetbrains 7d ago In JetBrains IntelliJ IDEA before 2026.1 code execution was possible via template injection in the Copyright plugin
CVE-2026-49374 high 7.6 7.6 jetbrains 7d ago In JetBrains TeamCity before 2026.1 improper permission checks exposed build configuration parameters
CVE-2026-49373 high 8.8 8.8 jetbrains 7d ago In JetBrains TeamCity before 2026.1 remote code execution was possible via Perforce connection settings
CVE-2026-49372 high 7.5 7.5 jetbrains 7d ago In JetBrains TeamCity before 2026.1, 2025.11.5 unauthenticated SSRF via build status was possible
CVE-2026-49371 high 8.2 8.2 jetbrains 7d ago In JetBrains TeamCity before 2026.1.1 reflected XSS in the keyword filter was possible
CVE-2026-49370 high 7.5 7.5 jetbrains 7d ago In JetBrains YouTrack before 2026.1.13162 information disclosure was possible on fetchApp requests
CVE-2026-49367 high 8.8 8.8 jetbrains 7d ago In JetBrains IntelliJ IDEA before 2026.1.1 command execution was possible via the guest user account
CVE-2026-49366 high 7.8 7.8 jetbrains 7d ago In JetBrains IntelliJ IDEA before 2026.1.1 command injection was possible via filename completion
CVE-2026-47744 critical 9.9 9.9 7d ago Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, two distinct authorization defects in the team settings allowed any authenticated panel user to take over the RBAC system. Settings/Team/…
CVE-2026-47740 high 8.1 8.1 7d ago Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user withou…
CVE-2026-42941 high 8.3 8.3 macgregor 7d ago The Danelec MacGregor Voyage Data Recorder device includes a default username and password, with no enforced password change.
CVE-2026-42929 high 8.3 8.3 macgregor 7d ago Danelec MacGregor Voyage Data Recorder includes default accounts with hard-coded credentials.
CVE-2026-45324 low 3.3 3.3 7d ago Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a double free in librz/core/cmd/cmd_search.c:byte_pattern_search() due wrong pointer ownership declared. This vul…
CVE-2026-45613 low 3.3 3.3 7d ago Rizin is a UNIX-like reverse engineering framework and command-line toolset. There is a heap-buffer-overflow in librz/bin/format/omf/omf.c. This vulnerability is fixed by commit e6d0937c8a083e23ed76c…
CVE-2026-48555 high 7.4 7.4 7d ago Spatie Laravel Media Library before version 11.23.0 contains a server-side request forgery vulnerability that allows remote attackers to cause the server to issue arbitrary outbound HTTP requests by …
CVE-2026-7786 critical 9.8 9.8 7d ago Jinan USR IOT Technology Limited (PUSR) USR-W610 RS232/485 to Wi-Fi/Ethernet Converter device firmware contains plaintext administrative credentials embedded in the firmware image. These credentials …
CVE-2026-6824 high 8.4 8.4 7d ago A stored cross-site scripting (XSS) vulnerability exists in certain 1xxx series NVR devices due to insufficient sanitization of user-supplied input in specific functional modules. Attackers can injec…
CVE-2026-5768 high 8.8 8.8 7d ago The Frontier X2 device allows unauthenticated BLE read/write access to critical GATT characteristics without enforcing pairing authentication or authorization. This allows attackers within BLE range …
CVE-2026-5386 critical 9.1 9.1 7d ago The affected KMW CCTV Security Cameras are vulnerable to a critical unauthenticated password reset. This flaw allows an attacker to remotely reset the administrator password to a known value without …
CVE-2026-45661 critical 9.9 9.9 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.5 and earlier, a critical path traversal vulnerability exists in Dokploy v0.26.5 that allows authenticated users to write arbitr…
CVE-2026-45633 critical 9.9 9.9 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.6 and earlier, Dokploy contains a command injection vulnerability in the /docker-container-logs WebSocket endpoint. The tail and…
CVE-2026-45632 critical 9.9 9.9 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.7 and earlier, the schedule router does not enforce organization/role checks. As a result, any authenticated user can create, up…
CVE-2026-45631 critical 10.0 10.0 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). From 0.27.0 to before 0.29.3, a hardcoded BETTER_AUTH_SECRET fallback ("better-auth-secret-123456789") lets an unauthenticated attacker …
CVE-2026-45630 critical 9.0 9.0 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the application.updateTraefikConfig tRPC endpoint allows admin/owner users …
CVE-2026-45629 critical 9.9 9.9 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.28.8 and earlier, authenticated OS command injection in the /listen-deployment WebSocket endpoint allows any organization member to…
CVE-2026-45628 critical 9.6 9.6 7d ago Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.29.2 and earlier, Dokploy constructs shell commands using JavaScript template literals and executes them via child_process.exec() (…
CVE-2026-10108 high 7.5 7.5 7d ago xiaomusic v0.5.7 contains an unauthenticated path traversal vulnerability in the GET /music/{file_path:path} endpoint that allows unauthenticated attackers to read arbitrary files outside the intende…
CVE-2026-10107 high 7.7 7.7 7d ago MoviePilot v2 contains a server-side request forgery vulnerability in the image proxy endpoint that allows authenticated attackers to request arbitrary URLs by supplying a resource_token cookie and a…
CVE-2026-10105 high 8.3 8.3 7d ago agno 2.6.5 contains a SQL injection vulnerability in the ClickHouse vector database backend that allows attackers to inject arbitrary SQL expressions by supplying malicious metadata keys and values t…