VYPR

CVEs

100,472 total · page 124 of 2,010

  • CVE-2019-25699HigApr 12, 2026
    risk 0.46cvss 7.1epss 0.00

    Newsbull Haber Script 1.0.0 contains multiple SQL injection vulnerabilities in the search parameter that allow authenticated attackers to extract database information through time-based, blind, and boolean-based injection techniques. Attackers can inject malicious SQL code…

  • CVE-2019-25697HigApr 12, 2026
    risk 0.53cvss 8.2epss 0.00

    CMSsite 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cat_id parameter. Attackers can send GET requests to category.php with malicious cat_id values to extract sensitive database…

  • CVE-2019-25695HigApr 12, 2026
    risk 0.55cvss 8.4epss 0.00

    R 3.4.4 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by injecting malicious input into the GUI Preferences language field. Attackers can craft a payload with a 292-byte offset and JMP ESP instruction to execute commands like…

  • CVE-2019-25693HigApr 12, 2026
    risk 0.46cvss 7.1epss 0.00

    ResourceSpace 8.6 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the keywords parameter in collection_edit.php. Attackers can submit POST requests with crafted SQL payloads in the…

  • CVE-2019-25691HigApr 12, 2026
    risk 0.55cvss 8.4epss 0.00

    Faleemi Desktop Software 1.8 contains a local buffer overflow vulnerability in the System Setup dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can inject a crafted payload into the Save Path for Snapshot and…

  • CVE-2019-25689HigApr 12, 2026
    risk 0.55cvss 8.4epss 0.00

    HTML5 Video Player 1.2.5 contains a local buffer overflow vulnerability that allows attackers to execute arbitrary code by supplying an oversized key code string. Attackers can craft a malicious payload exceeding 997 bytes and paste it into the KEY CODE field in the Help…

  • CVE-2018-25258HigApr 12, 2026
    risk 0.55cvss 8.4epss 0.00

    RGui 3.5.0 contains a local buffer overflow vulnerability in the GUI preferences dialog that allows attackers to bypass DEP protections through structured exception handling exploitation. Attackers can craft malicious input in the Language for menus and messages field to trigger…

  • CVE-2018-25257HigApr 12, 2026
    risk 0.46cvss 7.1epss 0.00

    Adianti Framework 5.5.0 and 5.6.0 contains an SQL injection vulnerability that allows authenticated users to manipulate database queries by injecting SQL code through the name field in SystemProfileForm. Attackers can submit crafted SQL statements in the profile edit endpoint to…

  • CVE-2026-6126HigApr 12, 2026
    risk 0.47cvss 7.3epss 0.00

    A weakness has been identified in zhayujie chatgpt-on-wechat CowAgent 2.0.4. The affected element is an unknown function of the component Administrative HTTP Endpoint. This manipulation causes missing authentication. It is possible to initiate the attack remotely. The exploit…

  • CVE-2026-6124HigApr 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The…

  • CVE-2026-6123HigApr 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys results in stack-based buffer overflow. Remote exploitation of the attack is…

  • CVE-2026-6122HigApr 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The…

  • CVE-2026-6121HigApr 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The…

  • CVE-2026-6120HigApr 12, 2026
    risk 0.57cvss 8.8epss 0.01

    A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The…

  • CVE-2026-31413HigApr 12, 2026
    risk 0.44cvss 7.8epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: bpf: Fix unsound scalar forking in maybe_fork_scalars() for BPF_OR maybe_fork_scalars() is called for both BPF_AND and BPF_OR when the source operand is a constant. When dst has signed range [-1, 0], it forks…

  • CVE-2026-6110HigApr 12, 2026
    risk 0.40cvss 7.3epss 0.00

    A vulnerability was identified in FoundationAgents MetaGPT up to 0.8.1. This affects the function generate_thoughts of the file metagpt/strategy/tot.py of the component Tree-of-Thought Solver. The manipulation leads to code injection. It is possible to initiate the attack…

  • CVE-2026-6105HigApr 11, 2026
    risk 0.47cvss 7.3epss 0.00

    A security vulnerability has been detected in perfree go-fastdfs-web up to 1.3.7. This affects an unknown part of the file src/main/java/com/perfree/controller/InstallController.java of the component doInstall Interface. The manipulation leads to improper authorization. The…

  • CVE-2026-32146HigApr 11, 2026
    risk 0.44cvss 7.8epss 0.00

    Improper path validation vulnerability in the Gleam compiler's handling of git dependencies allows arbitrary file system modification during dependency download. Dependency names from gleam.toml and manifest.toml are incorporated into filesystem paths without sufficient…

  • CVE-2026-5809HigApr 11, 2026
    risk 0.39cvss 7.1epss 0.01

    The wpForo Forum plugin for WordPress is vulnerable to Arbitrary File Deletion in versions up to and including 3.0.2. This is due to a two-step logic flaw: the topic_add() and topic_edit() action handlers accept arbitrary user-supplied data[*] arrays from $_REQUEST and store…

  • CVE-2026-34621HigKEVApr 11, 2026
    risk 0.69cvss 8.6epss 0.07

    Acrobat Reader versions 24.001.30356, 26.001.21367 and earlier are affected by an Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') vulnerability that could result in arbitrary code execution in the context of the current user.…

  • CVE-2026-5217HigApr 11, 2026
    risk 0.47cvss 7.2epss 0.00

    The Optimole – Optimize Images | Convert WebP & AVIF | CDN & Lazy Load | Image Optimization plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 4.2.2. This is due to insufficient input sanitization and output escaping on the…

  • CVE-2026-5144HigApr 11, 2026
    risk 0.50cvss 8.8epss 0.00

    The BuddyPress Groupblog plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 1.9.3. This is due to the group blog settings handler accepting the `groupblog-blogid`, `default-member`, and `groupblog-silent-add` parameters from user…

  • CVE-2026-5496HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    Labcenter Electronics Proteus PDSPRJ File Parsing Type Confusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit this…

  • CVE-2026-5495HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit…

  • CVE-2026-5494HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit…

  • CVE-2026-5493HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    Labcenter Electronics Proteus PDSPRJ File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Labcenter Electronics Proteus. User interaction is required to exploit…

  • CVE-2026-5055HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    NoMachine Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2026-5054HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.00

    NoMachine External Control of File Path Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2026-5053HigApr 11, 2026
    risk 0.46cvss 7.1epss 0.00

    NoMachine External Control of File Path Arbitrary File Deletion Vulnerability. This vulnerability allows local attackers to delete arbitrary files on affected installations of NoMachine. An attacker must first obtain the ability to execute low-privileged code on the target…

  • CVE-2026-4158HigApr 11, 2026
    risk 0.47cvss 7.3epss 0.00

    KeePassXC OpenSSL Configuration Uncontrolled Search Path Element Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of KeePassXC. An attacker must first obtain the ability to execute low-privileged…

  • CVE-2026-4157HigApr 11, 2026
    risk 0.49cvss 7.5epss 0.01

    ChargePoint Home Flex revssh Service Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex devices. Authentication is not required to exploit this…

  • CVE-2026-4156HigApr 11, 2026
    risk 0.49cvss 7.5epss 0.00

    ChargePoint Home Flex OCPP getpreq Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex EV chargers. Authentication is not required to…

  • CVE-2026-4155HigApr 11, 2026
    risk 0.49cvss 7.5epss 0.01

    ChargePoint Home Flex Inclusion of Sensitive Information in Source Code Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging stations. Authentication is not…

  • CVE-2026-4154HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2026-4153HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit…

  • CVE-2026-4152HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit…

  • CVE-2026-4151HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2026-4150HigApr 11, 2026
    risk 0.51cvss 7.8epss 0.01

    GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is required to exploit this vulnerability in that the target must visit a…

  • CVE-2026-3690HigApr 11, 2026
    risk 0.41cvss 7.4epss 0.01

    OpenClaw Canvas Authentication Bypass Vulnerability. This vulnerability allows remote attackers to bypass authentication on affected installations of OpenClaw. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of…

  • CVE-2026-40198HigApr 10, 2026
    risk 0.42cvss 7.5epss 0.00

    Net::CIDR::Lite versions before 0.23 for Perl does not validate IPv6 group count, which may allow IP ACL bypass. _pack_ipv6() does not check that uncompressed IPv6 addresses (without ::) have exactly 8 hex groups. Inputs like "abcd", "1:2:3", or "1:2:3:4:5:6:7" are accepted and…

  • CVE-2026-40252HigApr 10, 2026
    risk 0.46cvss 8.1epss 0.00

    FastGPT is an AI Agent building platform. Prior to 4.14.10.4, Broken Access Control vulnerability (IDOR/BOLA) allows any authenticated team to access and execute applications belonging to other teams by supplying a foreign appId. While the API correctly validates the team token,…

  • CVE-2026-40242HigApr 10, 2026
    risk 0.40cvss 7.2epss 0.01

    Arcane is an interface for managing Docker containers, images, networks, and volumes. Prior to 1.17.3, the /api/templates/fetch endpoint accepts a caller-supplied url parameter and performs a server-side HTTP GET request to that URL without authentication and without URL scheme…

  • CVE-2026-40188HigApr 10, 2026
    risk 0.43cvss 7.7epss 0.00

    goshs is a SimpleHTTPServer written in Go. From 1.0.7 to before 2.0.0-beta.4, the SFTP command rename sanitizes only the source path and not the destination, so it is possible to write outside of the root directory of the SFTP. This vulnerability is fixed in 2.0.0-beta.4.

  • CVE-2026-40185HigApr 10, 2026
    risk 0.39cvss 7.1epss 0.00

    TREK is a collaborative travel planner. Prior to 2.7.2, TREK was missing authorization checks on the Immich trip photo management routes. This vulnerability is fixed in 2.7.2.

  • CVE-2026-40180HigApr 10, 2026
    risk 0.42cvss 7.5epss 0.00

    Quarkus OpenAPI Generator is Quarkus' extensions for generation of Rest Clients and server stubs generation. Prior to 2.16.0 and 2.15.0-lts, the unzip() method in ApicurioCodegenWrapper.java extracts ZIP entries without validating that the resolved file path stays within the…

  • CVE-2026-40177HigApr 10, 2026
    risk 0.49cvss 7.5epss 0.00

    ajenti.plugin.core defines all necessary core elements to allow Ajenti to run properly. Prior to 0.112, if the 2FA was activated, it was possible to bypass the password authentication This vulnerability is fixed in 0.112.

  • CVE-2026-40168HigApr 10, 2026
    risk 0.46cvss 8.2epss 0.00

    Postiz is an AI social media scheduling tool. Prior to 2.21.5, the /api/public/stream endpoint is vulnerable to SSRF. Although the application validates the initially supplied URL and blocks direct private/internal hosts, it does not re-validate the final destination after HTTP…

  • CVE-2026-32252HigApr 10, 2026
    risk 0.43cvss 7.7epss 0.00

    Chartbrew is an open-source web application that can connect directly to databases and APIs and use the data to create charts. Prior to 4.9.0, a cross-tenant authorization bypass exists in Chartbrew in GET /team/:team_id/template/generate/:project_id. The GET handler calls…

  • CVE-2026-33710HigApr 10, 2026
    risk 0.42cvss 7.5epss 0.00

    Chamilo LMS is a learning management system. Prior to 1.11.38 and 2.0.0-RC.3, REST API keys are generated using md5(time() + (user_id * 5) - rand(10000, 10000)). The rand(10000, 10000) call always returns exactly 10000 (min == max), making the formula effectively md5(timestamp +…

  • CVE-2026-33706HigApr 10, 2026
    risk 0.39cvss 7.1epss 0.00

    Chamilo LMS is a learning management system. Prior to 1.11.38, any authenticated user with a REST API key can modify their own status field via the update_user_from_username endpoint. A student (status=5) can change their status to Teacher/CourseManager (status=1), gaining…