|
231
|
9.8 |
CRITICAL
Network
|
-
|
-
|
SD-330AC and AMC Manager provided by silex technology, Inc. contain a heap-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
|
CWE-122
Heap-based Buffer Overflow
|
CVE-2026-32956
|
2026-04-20 13:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
232
|
8.8 |
HIGH
Network
|
-
|
-
|
SD-330AC and AMC Manager provided by silex technology, Inc. contain a stack-based buffer overflow vulnerability in processing the redirect URLs. Arbitrary code may be executed on the device.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-32955
|
2026-04-20 13:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
233
|
2.7 |
LOW
Network
|
-
|
-
|
A weakness has been identified in langflow-ai langflow up to 1.8.3. Impacted is the function remove_api_keys/has_api_terms of the file src/backend/base/langflow/api/utils/core.py of the component Flo…
|
CWE-255
CWE-256
Credentials Management
Plaintext Storage of a Password
|
CVE-2026-6597
|
2026-04-20 12:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
234
|
7.3 |
HIGH
Network
|
-
|
-
|
A security flaw has been discovered in langflow-ai langflow up to 1.1.0. This issue affects the function create_upload_file of the file src/backend/base/Langflow/api/v1/endpoints.py of the component …
|
CWE-284
CWE-434
Improper Access Control
Unrestricted Upload of File with Dangerous Type
|
CVE-2026-6596
|
2026-04-20 12:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
235
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was identified in ProjectsAndPrograms School Management System up to 6b6fae5426044f89c08d0dd101c7fa71f9042a59. This vulnerability affects unknown code of the file buslocation.php of t…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-6595
|
2026-04-20 12:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
236
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was determined in brikcss merge up to 1.3.0. This affects an unknown part. Executing a manipulation of the argument __proto__/constructor.prototype/prototype can lead to improperly co…
|
CWE-94
CWE-1321
Code Injection
Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution')
|
CVE-2026-6594
|
2026-04-20 11:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
237
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was found in ComfyUI up to 0.13.0. Affected by this issue is some unknown functionality of the file server.py of the component View Endpoint. Performing a manipulation results in cros…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6593
|
2026-04-20 11:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
238
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability has been found in ComfyUI up to 0.13.0. Affected by this vulnerability is the function getuserdata of the file app/user_manager.py of the component userdata Endpoint. Such manipulatio…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-6592
|
2026-04-20 11:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
239
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in ComfyUI up to 0.13.0. Affected is the function folder_paths.get_annotated_filepath of the file folder_paths.py of the component LoadImage Node. This manipulation of the argum…
|
CWE-22
Path Traversal
|
CVE-2026-6591
|
2026-04-20 10:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
240
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in ComfyUI up to 0.13.0. This impacts the function get_model_preview of the file app/model_manager.py of the component Model Preview Endpoint. The manipulation results in…
|
CWE-22
Path Traversal
|
CVE-2026-6590
|
2026-04-20 10:16 |
2026-04-20 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
