|
4091
|
3.3 |
LOW
Local
|
-
|
-
|
Una falla de seguridad ha sido descubierta en pygments hasta la versión 2.19.2. El elemento afectado es la función AdlLexer del archivo pygments/lexers/archetype.py. La manipulación resulta en una co…
|
CWE-400
CWE-1333
Uncontrolled Resource Consumption
Inefficient Regular Expression Complexity
|
CVE-2026-4539
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4092
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was detected in projectworlds Online Notes Sharing System 1.0. This issue affects some unknown processing of the file /login.php of the component Parameters Handler. The manipulation …
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4540
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4093
|
7.3 |
HIGH
Network
|
-
|
-
|
Una vulnerabilidad fue detectada en projectworlds Online Notes Sharing System 1.0. Este problema afecta a un procesamiento desconocido del archivo /login.php del componente Gestor de Parámetros. La m…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-4540
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4094
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in SSCMS 4.7.0. The affected element is an unknown function of the file LayerImageController.Submit.cs of the component layerImage Endpoint. Such manipulation of the ar…
|
CWE-22
Path Traversal
|
CVE-2026-4542
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4095
|
5.4 |
MEDIUM
Network
|
-
|
-
|
Se ha encontrado una vulnerabilidad en SSCMS 4.7.0. El elemento afectado es una función desconocida del archivo LayerImageController.Submit.cs del componente layerImage Endpoint. Dicha manipulación d…
|
CWE-22
Path Traversal
|
CVE-2026-4542
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4096
|
2.5 |
LOW
Local
|
-
|
-
|
A flaw has been found in janmojzis tinyssh up to 20250501. Impacted is an unknown function of the file tinyssh/crypto_sign_ed25519_tinyssh.c of the component Ed25519 Signature Handler. This manipulat…
|
CWE-345
CWE-347
Insufficient Verification of Data Authenticity
Improper Verification of Cryptographic Signature
|
CVE-2026-4541
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4097
|
2.5 |
LOW
Local
|
-
|
-
|
Se ha encontrado una falla en janmojzis tinyssh hasta 20250501. Afectada es una función desconocida del archivo tinyssh/crypto_sign_ed25519_tinyssh.c del componente Gestor de Firma Ed25519. Esta mani…
|
CWE-345
CWE-347
Insufficient Verification of Data Authenticity
Improper Verification of Cryptographic Signature
|
CVE-2026-4541
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4098
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in mickasmt next-saas-stripe-starter 1.0.0. Affected is the function generateUserStripe of the file actions/generate-user-stripe.ts of the component Checkou…
|
CWE-840
Business Logic Errors
|
CVE-2026-4547
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4099
|
4.3 |
MEDIUM
Network
|
-
|
-
|
Una vulnerabilidad de seguridad ha sido detectada en mickasmt next-saas-stripe-starter 1.0.0. Afectada está la función generateUserStripe del archivo actions/generate-user-stripe.ts del componente Ge…
|
CWE-840
Business Logic Errors
|
CVE-2026-4547
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
4100
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in mickasmt next-saas-stripe-starter 1.0.0. Affected by this vulnerability is the function updateUserrole of the file actions/update-user-role.ts. The manipulation of the…
|
CWE-266
CWE-285
Incorrect Privilege Assignment
Improper Authorization
|
CVE-2026-4548
|
2026-04-25 01:32 |
2026-03-22 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
