Export limit exceeded: 341141 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (341141 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2018-25201 | 1 Wecodex | 1 School Management System Cms | 2026-03-29 | 7.1 High |
| School Management System CMS 1.0 contains an SQL injection vulnerability in the admin login functionality that allows attackers to bypass authentication by injecting SQL code through the username parameter. Attackers can submit malicious payloads using boolean-based blind SQL injection techniques to the processlogin endpoint to authenticate as administrator without valid credentials. | ||||
| CVE-2018-25210 | 1 Web-ofisi | 2 E-ticaret, Ticaret | 2026-03-29 | 8.2 High |
| WebOfisi E-Ticaret 4.0 contains an SQL injection vulnerability in the 'urun' GET parameter of the endpoint that allows unauthenticated attackers to manipulate database queries. Attackers can inject SQL payloads through the 'urun' parameter to execute boolean-based blind, error-based, time-based blind, and stacked query attacks against the backend database. | ||||
| CVE-2026-1961 | 2 Red Hat, Redhat | 5 Red Hat Satellite 6, Satellite, Satellite Capsule and 2 more | 2026-03-29 | 8 High |
| A flaw was found in Foreman. A remote attacker could exploit a command injection vulnerability in Foreman's WebSocket proxy implementation. This vulnerability arises from the system's use of unsanitized hostname values from compute resource providers when constructing shell commands. By operating a malicious compute resource server, an attacker could achieve remote code execution on the Foreman server when a user accesses VM VNC console functionality. This could lead to the compromise of sensitive credentials and the entire managed infrastructure. | ||||
| CVE-2026-32284 | 1 Shamaton | 1 Msgpack | 2026-03-29 | 5.9 Medium |
| The msgpack decoder fails to properly validate the input buffer length when processing truncated fixext data (format codes 0xd4-0xd8). This can lead to an out-of-bounds read and a runtime panic, allowing a denial of service attack. | ||||
| CVE-2026-32285 | 1 Buger | 1 Jsonparser | 2026-03-29 | 7.5 High |
| The Delete function fails to properly validate offsets when processing malformed JSON input. This can lead to a negative slice index and a runtime panic, allowing a denial of service attack. | ||||
| CVE-2026-32286 | 1 Jackc | 1 Pgproto3 | 2026-03-29 | 7.5 High |
| The DataRow.Decode function fails to properly validate field lengths. A malicious or compromised PostgreSQL server can send a DataRow message with a negative field length, causing a slice bounds out of range panic. | ||||
| CVE-2026-32287 | 1 Antchfx | 1 Xpath | 2026-03-29 | N/A |
| Boolean XPath expressions that evaluate to true can cause an infinite loop in logicalQuery.Select, leading to 100% CPU usage. This can be triggered by top-level selectors such as "1=1" or "true()". | ||||
| CVE-2026-33375 | 1 Grafana | 1 Grafana | 2026-03-29 | 6.5 Medium |
| The Grafana MSSQL data source plugin contains a logic flaw that allows a low-privileged user (Viewer) to bypass API restrictions and trigger a catastrophic Out-Of-Memory (OOM) memory exhaustion, crashing the host container. | ||||
| CVE-2026-21724 | 1 Grafana | 1 Grafana | 2026-03-29 | 5.4 Medium |
| A vulnerability has been discovered in Grafana OSS where an authorization bypass in the provisioning contact points API allows users with Editor role to modify protected webhook URLs without the required alert.notifications.receivers.protected:write permission. | ||||
| CVE-2026-28377 | 1 Grafana | 1 Tempo | 2026-03-29 | 7.5 High |
| A vulnerability in Grafana Tempo exposes the S3 SSE-C encryption key in plaintext through the /status/config endpoint, potentially allowing unauthorized users to obtain the key used to encrypt trace data stored in S3. Thanks to william_goodfellow for reporting this vulnerability. | ||||
| CVE-2026-30532 | 2026-03-29 | 9.8 Critical | ||
| A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/view_product.php file via the "id" parameter. | ||||
| CVE-2026-30533 | 2026-03-29 | 9.8 Critical | ||
| A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the admin/manage_product.php file via the "id" parameter. | ||||
| CVE-2026-30534 | 2026-03-29 | 8.3 High | ||
| A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in admin/manage_category.php via the "id" parameter. | ||||
| CVE-2026-30574 | 2026-03-29 | 7.5 High | ||
| A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-sales.php file. The application fails to verify if the requested sales quantity (txtqty) exceeds the available stock level. An attacker can manipulate the request to purchase a quantity that is significantly higher than the actual available stock. | ||||
| CVE-2026-30576 | 2026-03-29 | 7.5 High | ||
| A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtprice" and "txttotalcost" parameters during stock entry, allowing negative financial values to be submitted. This leads to corruption of financial records, allowing attackers to manipulate inventory asset values and procurement costs. | ||||
| CVE-2026-30302 | 2026-03-29 | 10 Critical | ||
| The command auto-approval module in CodeRider-Kilo contains an OS Command Injection vulnerability, rendering its whitelist security mechanism ineffective. The vulnerability stems from the incorrect use of an incompatible command parser (the Unix-based shell-quote library) to analyze commands on the Windows platform, coupled with a failure to correctly handle Windows CMD-specific escape sequences (^). Attackers can exploit this discrepancy between the parsing logic and the execution environment by constructing payloads such as git log ^" & malicious_command ^". The CodeRider-Kilo parser is deceived by the escape characters, misinterpreting the malicious command connector (&) as being within a protected string argument and thus auto-approving the command. However, the underlying Windows CMD interpreter ignores the escaped quotes, parsing and executing the subsequent malicious command directly. This allows attackers to achieve arbitrary Remote Code Execution (RCE) after bypassing what appears to be a legitimate Git whitelist check. | ||||
| CVE-2026-30529 | 2026-03-29 | 8.8 High | ||
| A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_user action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an authenticated attacker to inject malicious SQL commands. | ||||
| CVE-2026-30530 | 2026-03-29 | 9.8 Critical | ||
| A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_customer action). The application fails to properly sanitize user input supplied to the "username" parameter. This allows an attacker to inject malicious SQL commands. | ||||
| CVE-2026-30531 | 2026-03-29 | 8.8 High | ||
| A SQL Injection vulnerability exists in SourceCodester Online Food Ordering System v1.0 in the Actions.php file (specifically the save_category action). The application fails to properly sanitize user input supplied to the "name" parameter. This allows an authenticated attacker to inject malicious SQL commands. | ||||
| CVE-2026-30575 | 2026-03-29 | 7.5 High | ||
| A Business Logic vulnerability exists in SourceCodester Pharmacy Product Management System 1.0 in the add-stock.php file. The application fails to validate the "txtqty" parameter during stock entry, allowing negative values to be processed. This causes the system to decrease the inventory level instead of increasing it, leading to inventory corruption and potential Denial of Service by depleting stock records. | ||||