Vulnerabilidades CVE
Base de dados CVE enriquecida com CISA KEV e NVD
| CVE ID | CVSS | Severidade | KEV | Avistamentos |
|---|---|---|---|---|
| CVE-2026-5564 A weakness has been identified in code-projects Simple Laundry System 1.0. Affected by this vulnerability is an unknown functionality of the file /searchguest.php of the component Parameter Handler. T... | 7.3 | HIGH | — | 0 |
| CVE-2026-5563 A security flaw has been discovered in AutohomeCorp frostmourne up to 1.0. Affected is the function httpTest of the file /api/monitor-api/alarm/previewData of the component Alarm Preview. The manipula... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5562 A vulnerability was identified in provectus kafka-ui up to 0.7.2. This impacts the function validateAccess of the file /api/smartfilters/testexecutions of the component Endpoint. The manipulation lead... | 7.3 | HIGH | — | 0 |
| CVE-2026-5561 A vulnerability was determined in Campcodes Complete POS Management and Inventory System up to 4.0.6. This affects an unknown function of the file app/Http/Controllers/SettingsController.php of the co... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5560 A vulnerability was found in PHPGurukul Online Shopping Portal Project 2.1. The impacted element is an unknown function of the file /payment-method.php of the component Parameter Handler. Performing a... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5559 A vulnerability has been found in AntaresMugisho PyBlade 0.1.8-alpha/0.1.9-alpha. The affected element is the function _is_safe_ast of the file sandbox.py of the component AST Validation. Such manipul... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5558 A flaw has been found in PHPGurukul PHPGurukul Online Shopping Portal Project up to 2.1. Impacted is an unknown function of the file /pending-orders.php of the component Parameter Handler. This manipu... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5557 A vulnerability was detected in badlogic pi-mono up to 0.58.4. This issue affects some unknown processing of the file packages/mom/src/slack.ts of the component pi-mom Slack Bot. The manipulation resu... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5556 A security vulnerability has been detected in badlogic pi-mono up to 0.58.4. This vulnerability affects the function discoverAndLoadExtensions of the file packages/coding-agent/src/core/extensions/loa... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5555 A weakness has been identified in code-projects Concert Ticket Reservation System 1.0. This affects an unknown part of the file /ConcertTicketReservationSystem-master/login.php of the component Parame... | 7.3 | HIGH | — | 0 |
| CVE-2026-5554 A security flaw has been discovered in code-projects Concert Ticket Reservation System 1.0. Affected by this issue is some unknown functionality of the file /ConcertTicketReservationSystem-master/proc... | 7.3 | HIGH | — | 0 |
| CVE-2026-5553 A vulnerability was identified in itsourcecode Online Cellphone System 1.0. Affected by this vulnerability is an unknown functionality of the file /cp/available.php of the component Parameter Handler.... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5552 A weakness has been identified in PHPGurukul Online Shopping Portal Project 2.1. This issue affects some unknown processing of the file /sub-category.php of the component Parameter Handler. This manip... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5551 A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. This vulnerability affects unknown code of the file /hotel/admin/login.php of the component Parameter Handler. Th... | 7.3 | HIGH | — | 0 |
| CVE-2026-5550 A vulnerability was identified in Tenda AC10 16.03.10.10_multi_TDE01. This affects the function fromSysToolChangePwd of the file /bin/httpd. The manipulation leads to stack-based buffer overflow. The ... | 8.8 | HIGH | — | 0 |
| CVE-2026-5549 A vulnerability was determined in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this issue is some unknown functionality of the file /webroot_ro/pem/privkeySrv.pem of the component RSA 2048-bit Priv... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-5548 A vulnerability was found in Tenda AC10 16.03.10.10_multi_TDE01. Affected by this vulnerability is the function fromSysToolChangePwd of the file /bin/httpd. Performing a manipulation of the argument s... | 8.8 | HIGH | — | 0 |
| CVE-2026-5547 A vulnerability has been found in Tenda AC10 16.03.10.10_multi_TDE01. Affected is the function formAddMacfilterRule of the file /bin/httpd. Such manipulation leads to os command injection. It is possi... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5546 A flaw has been found in Campcodes Complete Online Learning Management System 1.0. This impacts the function add_lesson of the file /application/models/Crud_model.php. This manipulation causes unrestr... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5544 A security flaw has been discovered in UTT HiPER 1250GW up to 3.2.7-210907-180535. The impacted element is an unknown function of the file /goform/formRemoteControl. The manipulation of the argument P... | 8.8 | HIGH | — | 0 |
| CVE-2026-5543 A vulnerability was identified in PHPGurukul User Registration & Login and User Management System 3.3. The affected element is an unknown function of the file /admin/yesterday-reg-users.php. The manip... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5542 A vulnerability was determined in code-projects Simple Laundry System 1.0. Impacted is an unknown function of the file /modstaffinfo.php of the component Parameter Handler. Executing a manipulation of... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-5541 A vulnerability was found in code-projects Simple Laundry System 1.0. This issue affects some unknown processing of the file /modmemberinfo.php of the component Parameter Handler. Performing a manipul... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-5540 A vulnerability has been found in code-projects Simple Laundry System 1.0. This vulnerability affects unknown code of the file /modifymember.php of the component Parameter Handler. Such manipulation o... | 7.3 | HIGH | — | 0 |
| CVE-2026-5590 A race condition during TCP connection teardown can cause tcp_recv() to operate on a connection that has already been released. If tcp_conn_search() returns NULL while processing a SYN packet, a NULL ... | 6.4 | MEDIUM | — | 0 |
| CVE-2026-5539 A flaw has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /modifymember.php of the component Parameter Handler. This manipulation of the argument first... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-5538 A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function service_url of the file JudgeServer.service_url of the component judge_server_heartbeat Endpoin... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5537 A security vulnerability has been detected in halex CourseSEL up to 1.1.0. Affected by this vulnerability is the function check_sel of the file Apps/Index/Controller/IndexController.class.php of the c... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5536 A weakness has been identified in FedML-AI FedML up to 0.8.9. Affected is the function sendMessage of the file grpc_server.py of the component gRPC server. Executing a manipulation can lead to deseria... | 7.3 | HIGH | — | 0 |
| CVE-2026-5535 A security flaw has been discovered in FedML-AI FedML up to 0.8.9. This impacts an unknown function of the file FileUtils.java of the component MQTT Message Handler. Performing a manipulation of the a... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-5534 A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such m... | 7.3 | HIGH | — | 0 |
| CVE-2026-5533 A vulnerability was determined in badlogic pi-mono 0.58.4. The impacted element is an unknown function of the file packages/web-ui/src/tools/artifacts/SvgArtifact.ts of the component SVG Artifact Hand... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-5532 A vulnerability was found in ScrapeGraphAI scrapegraph-ai up to 1.74.0. The affected element is the function create_sandbox_and_execute of the file scrapegraphai/nodes/generate_code_node.py of the com... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5531 A vulnerability has been found in SourceCodester Student Result Management System 1.0. Impacted is an unknown function of the file /login_credentials.txt of the component HTTP GET Request Handler. The... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-5530 A flaw has been found in Ollama up to 18.1. This issue affects some unknown processing of the file server/download.go of the component Model Pull API. Executing a manipulation can lead to server-side ... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5529 A vulnerability was detected in Dromara lamp-cloud up to 5.8.1. This vulnerability affects the function pageUser of the file /defUser/pageUser of the component DefUserController. Performing a manipula... | 4.3 | MEDIUM | — | 0 |
| CVE-2026-5528 A security vulnerability has been detected in MoussaabBadla code-screenshot-mcp up to 0.1.0. This affects an unknown part of the component HTTP Interface. Such manipulation leads to os command injecti... | 6.3 | MEDIUM | — | 0 |
| CVE-2026-5527 A weakness has been identified in Tenda 4G03 Pro 1.0/1.0re/01.bin/04.03.01.53. Affected by this issue is some unknown functionality of the file /etc/www/pem/server.key of the component ECDSA P-256 Pri... | 5.3 | MEDIUM | — | 0 |
| CVE-2026-5526 A security flaw has been discovered in Tenda 4G03 Pro up to 1.0/1.1/04.03.01.53/192.168.0.1. Affected by this vulnerability is an unknown functionality of the file /bin/httpd. The manipulation results... | 7.3 | HIGH | — | 0 |
| CVE-2018-25246 Wikipedia 12.0 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting oversized input through the search functionality. Attackers can p... | 7.5 | HIGH | — | 0 |
| CVE-2016-20054 Nodcms contains a cross-site request forgery vulnerability that allows attackers to perform unauthorized administrative actions by crafting malicious forms. Attackers can trick authenticated administr... | 4.3 | MEDIUM | — | 0 |
| CVE-2018-25255 10-Strike LANState 8.8 contains a local buffer overflow vulnerability in structured exception handling that allows local attackers to execute arbitrary code by crafting malicious LSM map files. Attack... | 8.4 | HIGH | — | 0 |
| CVE-2018-25254 NICO-FTP 3.0.1.19 contains a structured exception handler buffer overflow vulnerability that allows remote attackers to execute arbitrary code by sending crafted FTP commands. Attackers can connect to... | 9.8 | CRITICAL | — | 0 |
| CVE-2018-25253 Termite 3.4 contains a buffer overflow vulnerability in the User interface language settings field that allows local attackers to cause a denial of service by supplying an excessively long string. Att... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25252 FTP Voyager 16.2.0 contains a denial of service vulnerability that allows local attackers to crash the application by injecting oversized buffer data into the site profile IP field. Attackers can crea... | 6.2 | MEDIUM | — | 0 |
| CVE-2018-25251 Snes9K 0.0.9z contains a buffer overflow vulnerability in the Netplay Socket Port Number field that allows local attackers to trigger a structured exception handler (SEH) overwrite. Attackers can craf... | 8.4 | HIGH | — | 0 |
| CVE-2018-25250 MyBB Last User's Threads in Profile Plugin 1.2 contains a persistent cross-site scripting vulnerability that allows attackers to inject malicious scripts by crafting thread subjects with script tags. ... | 7.2 | HIGH | — | 0 |
| CVE-2018-25249 MyBB My Arcade Plugin 1.3 contains a persistent cross-site scripting vulnerability that allows authenticated users to inject malicious scripts through arcade game score comments. Attackers can add cra... | 6.4 | MEDIUM | — | 0 |
| CVE-2018-25248 MyBB Downloads Plugin 2.0.3 contains a persistent cross-site scripting vulnerability that allows regular members to inject malicious scripts through the download title field. Attackers can submit a ne... | 7.2 | HIGH | — | 0 |
| CVE-2018-25247 MyBB Like Plugin 3.0.0 contains a cross-site scripting vulnerability that allows attackers to inject malicious scripts by creating posts or threads with unvalidated subject content. Attackers can craf... | 6.1 | MEDIUM | — | 0 |
This product uses data from the NVD API but is not endorsed or certified by the NVD.