|
2961
|
6.3 |
MEDIUM
Adjacent
|
-
|
-
|
A security vulnerability has been detected in UGREEN CM933 1.1.59.4319. The impacted element is an unknown function of the component Administrative Interface. Such manipulation leads to missing authe…
|
CWE-287
CWE-306
Improper Authentication
Missing Authentication for Critical Function
|
CVE-2026-8185
|
2026-05-12 00:11 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2962
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Activity Logs, User Activity Tracking, Multisite Activity Log from Logtivity plugin for WordPress is vulnerable to Authentication Bypass to Information Disclosure in versions up to, and including…
|
CWE-200
Information Exposure
|
CVE-2026-8198
|
2026-05-12 00:11 |
2026-05-9 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2963
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A weakness has been identified in Akaunting 3.1.21. This issue affects some unknown processing of the file config/dompdf.php of the component Invoice PDF Rendering. Executing a manipulation can lead …
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-8193
|
2026-05-12 00:11 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2964
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in osTicket up to 1.18.3. Impacted is an unknown function of the file include/class.dispatcher.php of the component Dispatcher. The manipulation of the argu…
|
CWE-352
CWE-862
Origin Validation Error
Missing Authorization
|
CVE-2026-8194
|
2026-05-12 00:11 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2965
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was detected in JeecgBoot up to 3.9.1. The affected element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/C…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-8195
|
2026-05-12 00:11 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2966
|
3.7 |
LOW
Network
|
-
|
-
|
A flaw has been found in JeecgBoot 3.9.1. The impacted element is an unknown function of the file jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/LoginControlle…
|
CWE-285
CWE-639
Improper Authorization
Authorization Bypass Through User-Controlled Key
|
CVE-2026-8196
|
2026-05-12 00:11 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2967
|
7.5 |
HIGH
Network
|
google
|
android
|
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
|
NVD-CWE-noinfo
|
CVE-2025-71254
|
2026-05-12 00:10 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2968
|
7.5 |
HIGH
Network
|
google
|
android
|
In Modem IMS, there is a possible improper input validation. This could lead to remote denial of service with no additional execution privileges needed.
|
NVD-CWE-noinfo
|
CVE-2025-71255
|
2026-05-12 00:09 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2969
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Industrial Application Software IAS Canias ERP 8.03. This affects the function doAction of the component RMI Interface. The manipulation of the argument sessionId results…
|
CWE-287
Improper Authentication
|
CVE-2026-8214
|
2026-05-12 00:08 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2970
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was determined in Industrial Application Software IAS Canias ERP 8.03. This vulnerability affects the function iasRequestFileEvent of the component RMI Interface. This manipulation of…
|
CWE-22
Path Traversal
|
CVE-2026-8215
|
2026-05-12 00:08 |
2026-05-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
