|
2431
|
7.3 |
HIGH
Network
|
-
|
-
|
A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirm_logged_in of the file student_trans.…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-9470
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2432
|
3.5 |
LOW
Network
|
-
|
-
|
A vulnerability was detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This impacts an unknown function of the file /student.php. Performing a manipulation…
|
CWE-79
CWE-94
Cross-site Scripting
Code Injection
|
CVE-2026-9471
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2433
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in dazeb markdown-downloader up to 3d4394b34b6c99d81af817623af55e3384df5a6a. Affected is the function download_markdown/list_downloaded_files/create_subdirectory of the file src…
|
CWE-22
Path Traversal
|
CVE-2026-9472
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2434
|
7.3 |
HIGH
Network
|
-
|
-
|
A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirm_logged_in of the file /studentdel.…
|
CWE-74
CWE-89
Injection
SQL Injection
|
CVE-2026-9474
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2435
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setAccessDeviceCfg of the file /cgi-bin/cstecgi.cgi of the component Web Management Interf…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9477
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2436
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A weakness has been identified in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setParentalRules of the file /cgi-bin/cstecgi.cgi of the component Web Management Interface. Executing…
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-9478
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2437
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A flaw has been found in changmingxie tcc-transaction up to 2.1.0. This issue affects the function Fastjson.parseObject of the component Fastjson AutoType REST API. This manipulation causes deseriali…
|
CWE-20
CWE-502
Improper Input Validation
Deserialization of Untrusted Data
|
CVE-2026-9497
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2438
|
6.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability has been found in Dromara lamp-cloud up to 5.6.2. Impacted is the function GroovyClassLoader.parseClass of the component Message Template Handler. Such manipulation of the argument De…
|
CWE-791
CWE-1336
Incomplete Filtering of Special Elements
Improper Neutralization of Special Elements Used in a Template Engine
|
CVE-2026-9498
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2439
|
3.3 |
LOW
Local
|
-
|
-
|
A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. Executing a manipul…
|
CWE-617
Reachable Assertion
|
CVE-2026-9501
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
2440
|
5.3 |
MEDIUM
Local
|
-
|
-
|
A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompress_R2004_section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap…
|
CWE-119
CWE-122
Incorrect Access of Indexable Resource ('Range Error')
Heap-based Buffer Overflow
|
CVE-2026-9502
|
2026-05-27 04:54 |
2026-05-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
