|
1461
|
7.5 |
HIGH
Network
|
-
|
-
|
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in themeStek LabtechCO labtechco allows PHP Local File Inclusion.This issue affec…
|
CWE-98
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion')
|
CVE-2026-39544
|
2026-04-15 04:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1462
|
5.3 |
MEDIUM
Network
|
-
|
-
|
Insertion of Sensitive Information Into Sent Data vulnerability in Doofinder Doofinder for WooCommerce doofinder-for-woocommerce allows Retrieve Embedded Sensitive Data.This issue affects Doofinder f…
|
CWE-201
Insertion of Sensitive Information Into Sent Data
|
CVE-2026-39542
|
2026-04-15 04:16 |
2026-04-8 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1463
|
7.5 |
HIGH
Network
|
-
|
-
|
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), SICORE Base system (All versions < V26.10.0). The affected application contains an out-of-bound…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-27664
|
2026-04-15 04:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1464
|
7.5 |
HIGH
Network
|
-
|
-
|
Se ha identificado una vulnerabilidad en CPCI85 Central Processing/Communication (Todas las versiones < V26.10), sistema base SICORE (Todas las versiones < V26.10.0). La aplicación afectada con…
|
CWE-787
Out-of-bounds Write
|
CVE-2026-27664
|
2026-04-15 04:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1465
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V26.10), RTUM85 RTU Base (All versions < V26.10). The affected application contains denial-of-service (D…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-27663
|
2026-04-15 04:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1466
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
Se ha identificado una vulnerabilidad en CPCI85 Procesamiento/Comunicación Central (Todas las versiones < V26.10), RTUM85 Base RTU (Todas las versiones < V26.10). La aplicación afectada contien…
|
CWE-770
Allocation of Resources Without Limits or Throttling
|
CVE-2026-27663
|
2026-04-15 04:16 |
2026-03-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1467
|
5.3 |
MEDIUM
Network
|
-
|
-
|
An open redirect vulnerability in Rocket.Chat versions prior to 8.4.0 allows users to be redirected to arbitrary URLs by manipulating parameters within a SAML endpoint.
|
CWE-601
Open Redirect
|
CVE-2026-22560
|
2026-04-15 04:16 |
2026-04-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1468
|
6.1 |
MEDIUM
Network
|
pi-hole
|
web_interface
|
Pi-hole Admin Interface is a web interface for managing Pi-hole, a network-level ad and internet tracker blocking application. From 6.0 to before 6.5, client hostnames and IP addresses from the FTL d…
|
CWE-79
Cross-site Scripting
|
CVE-2026-33404
|
2026-04-15 04:16 |
2026-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1469
|
6.2 |
MEDIUM
Local
|
rizin
|
rizin
|
A double free vulnerability exists in librz/bin/format/le/le.c in the function le_load_fixup_record(). When processing malformed or circular LE fixup chains, relocation entries may be freed multiple …
|
CWE-415
Double Free
|
CVE-2026-31053
|
2026-04-15 04:12 |
2026-04-7 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
1470
|
7.8 |
HIGH
Local
|
iobit
|
advanced_system_care
|
IObit Advanced SystemCare 10.0.2 contains an unquoted service path vulnerability in the AdvancedSystemCareService10 service that allows local attackers to escalate privileges. Attackers can place a m…
|
CWE-428
Unquoted Search Path or Element
|
CVE-2016-20055
|
2026-04-15 04:09 |
2026-04-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
