Export limit exceeded: 344111 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (344111 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-6160 | 2026-04-13 | 5.3 Medium | ||
| A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatbox_PHP of the file chatbox.sql of the component Endpoint. Performing a manipulation results in file and directory information exposure. It is possible to initiate the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-6159 | 2026-04-13 | 4.3 Medium | ||
| A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of the component Endpoint. Such manipulation of the argument msg leads to cross site scripting. The attack may be performed from remote. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-6158 | 1 Totolink | 1 N300rh Firmware | 2026-04-13 | 7.3 High |
| A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used. | ||||
| CVE-2026-35553 | 2026-04-13 | 6.7 Medium | ||
| Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer overflow vulnerability. An attacker may execute arbitrary code by modifying certain registry values. | ||||
| CVE-2026-34864 | 2026-04-13 | 6.8 Medium | ||
| Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34863 | 2026-04-13 | 6.7 Medium | ||
| Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34862 | 2026-04-13 | 6.3 Medium | ||
| Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34861 | 2026-04-13 | 6.3 Medium | ||
| Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34859 | 2026-04-13 | 5.9 Medium | ||
| UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2026-34858 | 2026-04-13 | 4.1 Medium | ||
| UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34857 | 2026-04-13 | 4.7 Medium | ||
| UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-34855 | 2026-04-13 | 5.7 Medium | ||
| Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2026-34854 | 2026-04-13 | 5.7 Medium | ||
| UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality. | ||||
| CVE-2026-34849 | 2026-04-13 | 2.5 Low | ||
| UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability. | ||||
| CVE-2026-21003 | 2026-04-13 | N/A | ||
| Improper input validation in data related to network restrictions prior to SMR Apr-2026 Release 1 allows physical attackers to bypass the restrictions. | ||||
| CVE-2026-6179 | 2026-04-13 | N/A | ||
| Stored Cross Site Scripting in NightWolf Penetration Testing Platform allows attack trigger and run malicious script in user's browser | ||||
| CVE-2026-6152 | 2026-04-13 | 7.3 High | ||
| A vulnerability was determined in code-projects Vehicle Showroom Management System 1.0. This issue affects some unknown processing of the file /util/StaffAddingFunction.php. This manipulation of the argument STAFF_ID causes sql injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. | ||||
| CVE-2026-6151 | 2026-04-13 | 7.3 High | ||
| A vulnerability was found in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/PaymentStatusFunction.php. The manipulation of the argument CUSTOMER_ID results in sql injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. | ||||
| CVE-2026-6150 | 1 Code-projects | 1 Simple Laundry System | 2026-04-13 | 4.3 Medium |
| A vulnerability has been found in code-projects Simple Laundry System 1.0. This affects an unknown part of the file /checkupdatestatus.php. The manipulation of the argument serviceId leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-25204 | 2026-04-13 | 6.2 Medium | ||
| Deserialization of untrusted data vulnerability in Samsung Open Source Escargot Java Script allows denial of service condition via process abort. This issue affects escarogt prior to commit hash 97e8115ab1110bc502b4b5e4a0c689a71520d335 | ||||