Export limit exceeded: 343035 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Export limit exceeded: 343035 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (343035 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-5534 | 1 Itsourcecode | 1 Online Enrollment System | 2026-04-07 | 7.3 High |
| A vulnerability was identified in itsourcecode Online Enrollment System 1.0. This affects an unknown function of the file /sms/user/index.php?view=edit&id=10 of the component Parameter Handler. Such manipulation of the argument USERID leads to sql injection. The attack can be executed remotely. The exploit is publicly available and might be used. | ||||
| CVE-2026-5538 | 1 Qingdaou | 1 Onlinejudge | 2026-04-07 | 6.3 Medium |
| A vulnerability was detected in QingdaoU OnlineJudge up to 1.6.1. Affected by this issue is the function service_url of the file JudgeServer.service_url of the component judge_server_heartbeat Endpoint. The manipulation results in server-side request forgery. It is possible to launch the attack remotely. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2026-5649 | 1 Code-projects | 1 Online Application System For Admission | 2026-04-07 | 6.3 Medium |
| A vulnerability has been found in code-projects Online Application System for Admission 1.0. This issue affects some unknown processing of the file /enrollment/admsnform.php of the component Endpoint. Such manipulation leads to sql injection. The attack can be executed remotely. The exploit has been disclosed to the public and may be used. | ||||
| CVE-2026-5645 | 1 Projectworlds | 1 Car Rental System | 2026-04-07 | 7.3 High |
| A weakness has been identified in projectworlds Car Rental System 1.0. Affected by this vulnerability is an unknown functionality of the file /pay.php of the component Parameter Handler. Executing a manipulation of the argument mpesa can lead to sql injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. | ||||
| CVE-2026-5642 | 1 Cyber-iii | 1 Student-management-system | 2026-04-07 | 7.3 High |
| A vulnerability was determined in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown function of the file /viva/update.php of the component HTTP POST Request Handler. This manipulation of the argument Name causes improper authorization. It is possible to initiate the attack remotely. The exploit has been publicly disclosed and may be utilized. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The project was informed of the problem early through an issue report but has not responded yet. | ||||
| CVE-2026-5599 | 1 Pretix | 1 Venueless | 2026-04-07 | N/A |
| A user with API access and "manage users" permission in any venueless world is able to trigger deletion of user accounts in other worlds. | ||||
| CVE-2025-47374 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 6.5 Medium |
| Memory Corruption when accessing freed memory due to concurrent fence deregistration and signal handling. | ||||
| CVE-2025-47389 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.8 High |
| Memory corruption when buffer copy operation fails due to integer overflow during attestation report generation. | ||||
| CVE-2025-47392 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 8.8 High |
| Memory corruption when decoding corrupted satellite data files with invalid signature offsets. | ||||
| CVE-2025-47391 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.8 High |
| Memory corruption while processing a frame request from user. | ||||
| CVE-2025-47400 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.1 High |
| Cryptographic issue while copying data to a destination buffer without validating its size. | ||||
| CVE-2026-21367 | 2026-04-07 | 7.6 High | ||
| Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans. | ||||
| CVE-2026-21371 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.8 High |
| Memory Corruption when retrieving output buffer with insufficient size validation. | ||||
| CVE-2026-21373 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.8 High |
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. | ||||
| CVE-2026-21375 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.8 High |
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing. | ||||
| CVE-2026-21376 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.8 High |
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. | ||||
| CVE-2026-21378 | 2026-04-07 | 7.8 High | ||
| Memory Corruption when accessing an output buffer without validating its size during IOCTL processing in a camera sensor driver. | ||||
| CVE-2026-21380 | 1 Qualcomm | 1 Snapdragon | 2026-04-07 | 7.8 High |
| Memory Corruption when using deprecated DMABUF IOCTL calls to manage video memory. | ||||
| CVE-2026-21381 | 2026-04-07 | 7.6 High | ||
| Transient DOS when receiving a service data frame with excessive length during device matching over a neighborhood awareness network protocol connection. | ||||
| CVE-2026-31063 | 1 Utt | 1 Hiper 1200gw | 2026-04-07 | 4.5 Medium |
| UTT Aggressive HiPER 1200GW v2.5.3-170306 was discovered to contain a buffer overflow in the pools parameter of the formArpBindConfig function. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted input. | ||||