| 3921 | 6.2 | MEDIUM, Local | - | - | ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers … | CWE-789 (Memory Allocation with Excessive Size Value) | CVE-2018-25295 | 2026-04-28 03:53 | 2026-04-27 |
| 3922 | 5.5 | MEDIUM, Local | - | - | P10 Central Management Software 1.4.13 contains a buffer overflow vulnerability in the login password field that allows local attackers to crash the application by submitting an oversized input strin… | CWE-120 (Classic Buffer Overflow) | CVE-2018-25296 | 2026-04-28 03:53 | 2026-04-27 |
| 3923 | 9.8 | CRITICAL, Network | - | - | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulat… | CWE-77 CWE-78 (Command Injection OS Command) | CVE-2026-7037 | 2026-04-28 03:50 | 2026-04-26 |
| 3924 | 3.3 | LOW, Local | - | - | A weakness has been identified in tufantunc ssh-mcp up to 1.5.0. Impacted is an unknown function of the file src/index.ts of the component Command Line Handler. This manipulation causes insufficientl… | CWE-522 (Insufficiently Protected Credentials) | CVE-2026-7038 | 2026-04-28 03:50 | 2026-04-26 |
| 3925 | 5.3 | MEDIUM, Network | - | - | A vulnerability was found in 666ghj MiroFish up to 0.1.2. This affects the function get_simulation_posts of the file backend/app/api/simulation.py of the component Query Parameter Handler. Performing… | CWE-22 (Path Traversal) | CVE-2026-7059 | 2026-04-28 03:50 | 2026-04-27 |
| 3926 | 6.3 | MEDIUM, Network | - | - | A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessor#doDetermineDatasource of the file dynamic-datasource-spri… | CWE-74 CWE-707 (Injection Improper Enforcement of Message or Data Structure) | CVE-2026-7045 | 2026-04-28 03:50 | 2026-04-27 |
| 3927 | 7.3 | HIGH, Network | - | - | A vulnerability was determined in KLiK SocialMediaWebsite up to 1.0.1. This vulnerability affects unknown code of the file /includes/get_message_ajax.php of the component Private Message Handler. Exe… | CWE-74 CWE-89 (Injection SQL Injection) | CVE-2026-7002 | 2026-04-28 03:46 | 2026-04-26 |
| 3928 | 5.3 | MEDIUM, Network | - | - | A security flaw has been discovered in go-kratos kratos up to 2.9.2. This impacts the function NewServer of the file transport/http/server.go of the component http.DefaultServeMux Fallback Handler. T… | CWE-441 (Confused Deputy) | CVE-2026-6993 | 2026-04-28 03:42 | 2026-04-26 |
| 3929 | 6.3 | MEDIUM, Network | - | - | A vulnerability was determined in star7th ShowDoc up to 2.10.10/3.6.2/3.8.0. Affected by this vulnerability is an unknown functionality of the file server/Application/Api/Controller/PageController.cl… | CWE-74 CWE-89 (Injection SQL Injection) | CVE-2026-6982 | 2026-04-28 03:42 | 2026-04-26 |
| 3930 | 6.3 | MEDIUM, Network | - | - | A weakness has been identified in Envoy up to 1.33.0. Affected is the function params.add of the file source/extensions/filters/http/header_mutation/header_mutation.cc of the component Query Paramete… | CWE-74 CWE-707 (Injection Improper Enforcement of Message or Data Structure) | CVE-2026-6994 | 2026-04-28 03:42 | 2026-04-26 |