|
1441
|
3.7 |
LOW
Network
|
wwbn
|
avideo
|
WWBN AVideo is an open source video platform. In versions 26.0 and prior, the BlockonomicsYPT plugin's check.php endpoint returns payment order data for any Bitcoin address without requiring authenti…
|
CWE-862
Missing Authorization
|
CVE-2026-35448
|
2026-04-15 04:57 |
2026-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1442
|
5.5 |
MEDIUM
Local
|
systemd_project
|
systemd
|
In systemd 260 before 261, a local unprivileged user can trigger an assert via an IPC API call with an array or map that has a null element.
|
CWE-1025
Comparison Using Wrong Factors
|
CVE-2026-40227
|
2026-04-15 04:41 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1443
|
6.5 |
MEDIUM
Network
|
microsoft
|
sharepoint_server
|
Improper input validation in Microsoft Office SharePoint allows an unauthorized attacker to perform spoofing over a network.
|
CWE-20
Improper Input Validation
|
CVE-2026-32201
|
2026-04-15 04:37 |
2026-04-15 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1444
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP XPM File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-4154
|
2026-04-15 04:33 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1445
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP PSP File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inte…
|
CWE-122
CWE-787
Heap-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-4153
|
2026-04-15 04:33 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1446
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP ANI File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-4151
|
2026-04-15 04:32 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1447
|
9.8 |
CRITICAL
Network
|
mrcms
|
mrcms
|
MRCMS 3.1.2 contains an access control vulnerability. The save() method in src/main/java/org/marker/mushroom/controller/UserController.java lacks proper authorization validation, enabling direct addi…
|
CWE-284
Improper Access Control
|
CVE-2026-31272
|
2026-04-15 04:32 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1448
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP JP2 File Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User inte…
|
CWE-122
CWE-787
Heap-based Buffer Overflow
Out-of-bounds Write
|
CVE-2026-4152
|
2026-04-15 04:32 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1449
|
7.8 |
HIGH
Local
|
gimp
|
gimp
|
GIMP PSD File Parsing Integer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GIMP. User interaction is…
|
CWE-190
Integer Overflow or Wraparound
|
CVE-2026-4150
|
2026-04-15 04:32 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1450
|
9.8 |
CRITICAL
Network
|
statamcp
|
stata-mcp
|
A vulnerability was identified in stata-mcp prior to v1.13.0 where insufficient validation of user-supplied Stata do-file content can lead to command execution.
|
CWE-94
Code Injection
|
CVE-2026-31040
|
2026-04-15 04:31 |
2026-04-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
