CVE Schwachstellen
CVE-Datenbank angereichert mit CISA KEV und NVD Daten
| CVE ID | CVSS | Schweregrad | KEV | Sichtungen |
|---|---|---|---|---|
| CVE-2026-20427 In display, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. ... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-20430 In wlan AP FW, there is a possible out of bounds write due to an incorrect bounds check. This could lead to remote (proximal/adjacent) escalation of privilege with no additional execution privileges n... | 8.8 | HIGH | — | 0 |
| CVE-2026-20434 In Modem, there is a possible out of bounds write due to a missing bounds check. This could lead to remote escalation of privilege, if a UE has connected to a rogue base station controlled by the atta... | 7.5 | HIGH | — | 0 |
| CVE-2026-20435 In preloader, there is a possible read of device unique identifiers due to a logic error. This could lead to local information disclosure, if an attacker has physical access to the device, with no add... | 4.6 | MEDIUM | — | 0 |
| CVE-2026-20436 In wlan STA driver, there is a possible escalation of privilege due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System pri... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-20437 In MAE, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not neede... | 4.4 | MEDIUM | — | 0 |
| CVE-2026-20438 In MAE, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti... | 6.4 | MEDIUM | — | 0 |
| CVE-2026-20439 In imgsys, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not ne... | 4.4 | MEDIUM | — | 0 |
| CVE-2026-20440 In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User int... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-20441 In MAE, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User int... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-20442 In display, there is a possible system crash due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not n... | 4.4 | MEDIUM | — | 0 |
| CVE-2026-20443 In display, there is a possible memory corruption due to use after free. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User interacti... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-20444 In display, there is a possible memory corruption due to a missing bounds check. This could lead to local escalation of privilege if a malicious actor has already obtained the System privilege. User i... | 6.7 | MEDIUM | — | 0 |
| CVE-2026-20445 In MDDP, there is a possible system crash due to a race condition. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not ne... | 4.4 | MEDIUM | — | 0 |
| CVE-2026-2584 A critical SQL Injection (SQLi) vulnerability has been identified in the authentication module of the system. An unauthenticated, remote attacker (AV:N/PR:N) can exploit this flaw by sending specially... | N/A | NONE | — | 0 |
| CVE-2025-30042 The CGM CLININET system provides smart card authentication; however, authentication is conducted locally on the client device, and, in reality, only the certificate number is used for access verificat... | 7.8 | HIGH | — | 0 |
| CVE-2025-58405 The CGM CLININET application does not implement any mechanisms that prevent clickjacking attacks, neither HTTP security headers nor HTML-based frame‑busting protections were detected. As a result, an ... | 6.1 | MEDIUM | — | 0 |
| CVE-2025-58406 The CGM CLININET application respond without essential security HTTP headers, exposing users to client‑side attacks such as clickjacking, MIME sniffing, unsafe caching, weak cross‑origin isolation, an... | 4.3 | MEDIUM | — | 0 |
| CVE-2025-14532 DobryCMS's upload file functionality allows an unauthenticated remote attacker to upload files of any type and extension without restriction, which can result in Remote Code Execution. This issue was... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-3431 On SimStudio version below to 0.5.74, the MongoDB tool endpoints accept arbitrary connection parameters from the caller without authentication or host restrictions. An attacker can leverage these endp... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-3432 On SimStudio version below to 0.5.74, the `/api/auth/oauth/token` endpoint contains a code path that bypasses all authorization checks when provided with `credentialAccountUserId` and `providerId` par... | 9.1 | CRITICAL | — | 0 |
| CVE-2026-1628 Mattermost Desktop App versions <=5.13.3 fail to attach listeners restricting navigation to external sites within the Mattermost app which allows a malicious server to expose preload script functional... | 4.6 | MEDIUM | — | 0 |
| CVE-2026-26697 code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/recordteacher_view.php?teacherID=. | 4.9 | MEDIUM | — | 0 |
| CVE-2026-26698 code-projects Simple Student Alumni System v1.0 is vulnerable to SQL Injection in /TracerStudy/modal_edit.php. | 4.9 | MEDIUM | — | 0 |
| CVE-2024-47886 Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution (RCE) within versions 1.11.12 to 1.11.26. By abusing mult... | 7.2 | HIGH | — | 0 |
| CVE-2024-50337 Chamilo is a learning management system. Prior to version 1.11.28, the OpenId function allows anyone to send requests to any URL on server's behalf, which results in unauthenticated blind SSRF. This i... | 5.3 | MEDIUM | — | 0 |
| CVE-2025-50186 Chamilo is a learning management system. Prior to version 1.11.30, a stored cross-site scripting (XSS) vulnerability exists due to insufficient sanitization of CSV filenames. An attacker can upload a ... | 4.8 | MEDIUM | — | 0 |
| CVE-2025-50187 Chamilo is a learning management system. Prior to version 1.11.28, parameter from SOAP request is evaluated without filtering which leads to Remote Code Execution. This issue has been patched in versi... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-50188 Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the GET value parameter with the following scripts... | 7.2 | HIGH | — | 0 |
| CVE-2025-50189 Chamilo is a learning management system. Prior to version 1.11.30, the application performs insufficient validation of data coming from the user from the POST resource[document][SQL_INJECTION_HERE] an... | 8.8 | HIGH | — | 0 |
| CVE-2025-57622 An issue in Step-Video-T2V allows a remote attacker to execute arbitrary code via the /vae-api , /caption-api , feature = pickle.loads(request.get_data()) component | 9.8 | CRITICAL | — | 0 |
| CVE-2025-50190 Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via the GET openid.assoc_handle parameter with the /index.php script. This issue has been patch... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-50191 Chamilo is a learning management system. Prior to version 1.11.30, there is an error-based SQL Injection via POST userFile with the /main/exercise/hotpotatoes.php script. This issue has been patched i... | 7.2 | HIGH | — | 0 |
| CVE-2025-50192 Chamilo is a learning management system. Prior to version 1.11.30, there is a time-based SQL Injection in found in /main/webservices/registration.soap.php. This issue has been patched in version 1.11.... | 9.8 | CRITICAL | — | 0 |
| CVE-2025-52482 Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious ... | 8.3 | HIGH | — | 0 |
| CVE-2025-58107 In Microsoft Exchange through 2019, Exchange ActiveSync (EAS) configurations on on-premises servers may transmit sensitive data from Samsung mobile devices in cleartext, including the user's name, e-m... | 7.5 | HIGH | — | 0 |
| CVE-2026-23600 A remote authentication bypass vulnerability exists in HPE AutoPass License Server (APLS). | N/A | NONE | — | 0 |
| CVE-2026-26884 Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /msms/admin/appointments/view_appointment.php. | 2.7 | LOW | — | 0 |
| CVE-2026-24107 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the value of `usbPartitionName`, which is directly used in `doSystemCmd`, may lead to critical command injection vulnerabil... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24108 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and conc... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24109 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `picName`. When this value is used in `sprintf` without validating variable... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24111 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by specifying the value of `userInfo`. When `userInfo` is passed into the `addAuthUser` function and pr... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24113 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Attackers may exploit the vulnerability by controlling the value of `nptr`. When this value is passed into the `getMibPrefix` function and conc... | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24114 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate `pPortMapIndex` may lead to buffer overflows when using `strcpy`. | 9.8 | CRITICAL | — | 0 |
| CVE-2026-24115 An issue was discovered in Tenda W20E V4.0br_V15.11.0.6. Failure to validate the sizes of `gstup` and `gstdwn` before concatenating them into `gstruleQos` may lead to buffer overflow. | 9.8 | CRITICAL | — | 0 |
| CVE-2025-50193 Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command Injection vulnerability in /plugin/vchamilo/views/import.php with the POST to_main_database parameter. This is... | 7.2 | HIGH | — | 0 |
| CVE-2025-50194 Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/check_parse_lang.php. This issue has been patched in version 1.11.3... | 7.2 | HIGH | — | 0 |
| CVE-2025-50195 Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. This issue has been patched in versio... | 7.2 | HIGH | — | 0 |
| CVE-2025-50196 Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST main_database parameter. This ... | 7.2 | HIGH | — | 0 |
| CVE-2025-50197 Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/admin/sub_language_ajax.inc.php via the POST new_language parameter. This iss... | 7.2 | HIGH | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.