CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2026-5562 A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation lead... | 7.3 | HIGH | — | 0 |
| CVE-2026-5567 A flaw has been found in Tenda M3 1.0.0.10. This vulnerability affects the function setAdvPolicyData of the file /goform/setAdvPolicyData of the component Destination Handler. Executing a manipulation... | 8.8 | HIGH | — | 0 |
| CVE-2026-5599 A user with API access and "manage users" permission in any venueless world is able to trigger deletion of user accounts in other worlds. | N/A | NONE | — | 0 |
| CVE-2026-5569 A vulnerability was found in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Impacted is an unknown function of the file /Technostrobe/ of the component Endpoint. The manipulation results in improper ac... | 7.3 | HIGH | — | 0 |
| CVE-2026-5570 A vulnerability was determined in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The affected element is the function index_config of the file /LoginCB. This manipulation causes improper authentication... | 7.3 | HIGH | — | 0 |
| CVE-2026-5571 A vulnerability was identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. The impacted element is an unknown function of the file /fs of the component Configuration Data Handler. Such manipulati... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-5572 A security flaw has been discovered in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This affects an unknown function. Performing a manipulation results in cross-site request forgery. The attack can b... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-5573 A weakness has been identified in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. This impacts an unknown function of the file /fs. Executing a manipulation of the argument cwd can lead to unrestricted ... | 7.3 | HIGH | — | 0 |
| CVE-2026-5574 A security vulnerability has been detected in Technostrobe HI-LED-WR120-G2 5.5.0.1R6.03.30. Affected is the function deletefile of the component FsBrowseClean. The manipulation of the argument dir/pat... | 6.5 | MEDIUM | — | 0 |
| CVE-2026-5577 A vulnerability has been found in Song-Li cross_browser up to ca690f0fe6954fd9bcda36d071b68ed8682a786a. This affects an unknown part of the file flask/uniquemachine_app.py of the component details End... | 7.3 | HIGH | — | 0 |
| CVE-2026-5578 A vulnerability was found in CodeAstro Online Classroom 1.0. This vulnerability affects unknown code of the file /OnlineClassroom/addassessment.php of the component Parameter Handler. Performing a man... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5584 A vulnerability has been found in Fosowl agenticSeek 0.1.0. Impacted is the function PyInterpreter.execute of the file sources/tools/PyInterpreter.py of the component query Endpoint. Such manipulation... | 7.3 | HIGH | — | 0 |
| CVE-2026-5585 A vulnerability was found in Tencent AI-Infra-Guard 4.0. The affected element is an unknown function of the file common/websocket/task_manager.go of the component Task Detail Endpoint. Performing a ma... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-5586 A vulnerability was determined in zhongyu09 openchatbi up to 0.2.1. The impacted element is an unknown function of the component Multi-stage Text2SQL Workflow. Executing a manipulation of the argument... | 6.3 | MEDIUM | — | 0 |
| CVE-2018-25256 IP TOOLS 2.50 contains a local buffer overflow vulnerability in the SNMP Scanner component that allows local attackers to crash the application by supplying oversized input. Attackers can paste malici... | 5.5 | MEDIUM | — | 0 |
| CVE-2019-25657 AnyBurn 4.3 x86 contains a denial of service vulnerability that allows local attackers to crash the application by supplying an excessively long string to the image conversion function. Attackers can ... | 5.5 | MEDIUM | — | 0 |
| CVE-2019-25659 ASPRunner Professional 6.0.766 contains a local buffer overflow vulnerability that allows attackers to cause a denial of service by supplying an excessively long project name. Attackers can paste 180 ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25660 LanHelper 1.74 contains a local buffer overflow vulnerability that allows attackers to crash the application by sending excessively long input strings. Attackers can exploit the Form Send Message feat... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25663 SuiteCRM 7.10.7 contains a SQL injection vulnerability that allows authenticated attackers to manipulate database queries by injecting SQL code through the parentTab parameter. Attackers can send GET ... | 7.1 | HIGH | — | 0 |
| CVE-2019-25665 River Past Ringtone Converter 2.7.6.1601 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to activation fields. Attackers can ... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25667 TaskInfo 8.2.0.280 contains a local buffer overflow vulnerability that allows attackers to crash the application by supplying oversized input to registration fields. Attackers can paste excessively lo... | 6.2 | MEDIUM | — | 0 |
| CVE-2019-25668 News Website Script 2.0.5 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the news ID parameter. Attackers ca... | 8.2 | HIGH | — | 0 |
| CVE-2019-25670 River Past Video Cleaner 7.6.3 contains a structured exception handler buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying a malicious string in the Lame_e... | 8.4 | HIGH | — | 0 |
| CVE-2019-25671 VA MAX 8.3.4 contains a remote code execution vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the mtu_eth0 parameter. Attackers c... | 8.8 | HIGH | — | 0 |
| CVE-2019-25673 UniSharp Laravel File Manager v2.0.0-alpha7 and v2.0 contain an arbitrary file upload vulnerability that allows authenticated attackers to upload malicious files by sending multipart form data to the ... | 8.8 | HIGH | — | 0 |
| CVE-2019-25675 eDirectory contains multiple SQL injection vulnerabilities that allow unauthenticated attackers to bypass administrator authentication and disclose sensitive files by injecting SQL code into parameter... | 8.2 | HIGH | — | 0 |
| CVE-2019-25676 Ask Expert Script 3.0.5 contains cross-site scripting and SQL injection vulnerabilities that allow unauthenticated attackers to inject malicious code by manipulating URL parameters. Attackers can inje... | 8.2 | HIGH | — | 0 |
| CVE-2019-25680 Advance Gift Shop Pro Script 2.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the search paramet... | 8.2 | HIGH | — | 0 |
| CVE-2019-25684 OpenDocMan 1.3.4 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the 'where' parameter. Attackers can send GE... | 8.2 | HIGH | — | 0 |
| CVE-2019-25686 Core FTP 2.0 build 653 contains a denial of service vulnerability in the PBSZ command that allows unauthenticated attackers to crash the service by sending a malformed command with an oversized buffer... | 7.5 | HIGH | — | 0 |
| CVE-2019-25687 Pegasus CMS 1.0 contains a remote code execution vulnerability in the extra_fields.php plugin that allows unauthenticated attackers to execute arbitrary commands by exploiting unsafe eval functionalit... | 9.8 | CRITICAL | — | 0 |
| CVE-2019-25685 Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority. | N/A | NONE | — | 0 |
| CVE-2026-5596 A vulnerability was detected in griptape-ai griptape 0.19.4. Affected by this issue is some unknown functionality of the file griptape/tools/sql/tool.py of the component SqlTool. Performing a manipula... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-35679 Zcash zcashd before 6.12.0 allows invalid transactions to be accepted under certain conditions, which potentially could have resulted in the draining of user funds from the Sprout pool. It was sometim... | 3.5 | LOW | — | 0 |
| CVE-2026-5597 A flaw has been found in griptape-ai griptape 0.19.4. This affects an unknown part of the file griptape\tools\computer\tool.py of the component ComputerTool. Executing a manipulation of the argument f... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5601 A vulnerability was found in Acrel Electrical Prepaid Cloud Platform 1.0. This issue affects some unknown processing of the file /bin.rar of the component Backup File Handler. The manipulation results... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-5604 A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Perfor... | 8.8 | HIGH | — | 0 |
| CVE-2026-5605 A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO can lead to stack-based buf... | 8.8 | HIGH | — | 0 |
| CVE-2026-5608 A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer... | 8.8 | HIGH | — | 0 |
| CVE-2026-5609 A flaw has been found in Tenda i12 1.0.0.11(3862). Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation o... | 8.8 | HIGH | — | 0 |
| CVE-2026-5610 A vulnerability has been found in Belkin F9K1015 1.00.10. Affected by this issue is the function formWISP5G of the file /goform/formWISP5G. Such manipulation of the argument webpage leads to stack-bas... | 8.8 | HIGH | — | 0 |
| CVE-2026-5611 A vulnerability was found in Belkin F9K1015 1.00.10. This affects the function formCrossBandSwitch of the file /goform/formCrossBandSwitch. Performing a manipulation of the argument webpage results in... | 8.8 | HIGH | — | 0 |
| CVE-2026-5612 A vulnerability was determined in Belkin F9K1015 1.00.10. This vulnerability affects the function formWlEncrypt of the file /goform/formWlEncrypt. Executing a manipulation of the argument webpage can ... | 8.8 | HIGH | — | 0 |
| CVE-2026-5613 A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the function formReboot of the file /goform/formReboot. The manipulation of the argument webpage leads to stack-based buffe... | 8.8 | HIGH | — | 0 |
| CVE-2026-5614 A security flaw has been discovered in Belkin F9K1015 1.00.10. Impacted is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument webpage results in stack-b... | 8.8 | HIGH | — | 0 |
| CVE-2026-5628 A security vulnerability has been detected in Belkin F9K1015 1.00.10. Impacted is the function formSetSystemSettings of the file /goform/formSetSystemSettings of the component Setting Handler. The man... | 8.8 | HIGH | — | 0 |
| CVE-2026-5629 A vulnerability was detected in Belkin F9K1015 1.00.10. The affected element is the function formSetFirewall of the file /goform/formSetFirewall. The manipulation of the argument webpage results in st... | 8.8 | HIGH | — | 0 |
| CVE-2026-31406 In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix work re-schedule after cancel in xfrm_nat_keepalive_net_fini() After cancel_delayed_work_sync() is called from xfrm_nat_... | 7.8 | HIGH | — | 0 |
| CVE-2026-31407 In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. Thes... | 7.1 | HIGH | — | 0 |
| CVE-2026-31410 In the Linux kernel, the following vulnerability has been resolved: ksmbd: use volume UUID in FS_OBJECT_ID_INFORMATION Use sb->s_uuid for a proper volume identifier as the primary choice. For filesy... | N/A | NONE | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.