Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
A vulnerability has been found in vanna-ai vanna up to 2.0.2. Affected is the function update_sql of the file src/vanna/legacy/flask/__init__.py of the component Endpoint. Such manipulation leads to …
A flaw has been found in vanna-ai vanna up to 2.0.2. This impacts the function remove_training_data of the file src/vanna/legacy/google/bigquery_vector.py. This manipulation of the argument ID causes…
A vulnerability was detected in LB-LINK BL-WR9000 2.4.9. This affects the function sub_458754 of the file /goform/set_wifi. The manipulation results in command injection. It is possible to launch the…
A security vulnerability has been detected in LB-LINK BL-WR9000 2.4.9. The impacted element is the function sub_44D844 of the file /goform/get_hidessid_cfg. The manipulation leads to buffer overflow.…
A weakness has been identified in LB-LINK BL-WR9000 2.4.9. The affected element is the function sub_44E8D0 of the file /goform/get_virtual_cfg. Executing a manipulation can lead to stack-based buffer…
A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is an unknown function of the file admin/listusers.php of the component User Management Module. Performing a manipulation…
A DLL search order hijacking vulnerability in Thermalright TR-VISION HOME on Windows (64-bit) allows a local attacker to escalate privileges via DLL side-loading. The application loads certain dynami…
in OpenHarmony v5.1.0 and prior versions allow a local attacker cause DOS through improper input.
in OpenHarmony v5.0.3 and prior versions allow a local attacker cause information improper input. This vulnerability can be exploited only in restricted scenarios.
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scen…
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through out-of-bounds write. This vulnerability can be exploited only in restricted scen…
in OpenHarmony v5.1.0 and prior versions allow a local attacker arbitrary code execution in pre-installed apps through using incompatible type. This vulnerability can be exploited only in restricted …
in OpenHarmony v5.0.3 and prior versions allow a local attacker case sensitive information leak through use of uninitialized resource.
in OpenHarmony v6.0 and prior versions allow a local attacker case DOS through missing release of memory.
libexpat before 2.7.5 allows a NULL pointer dereference in the function setContext on retry after an earlier ouf-of-memory condition.
A vulnerability was identified in itsourcecode Payroll Management System 1.0. This issue affects some unknown processing of the file /manage_employee.php. Such manipulation of the argument ID leads t…
libexpat before 2.7.5 allows an infinite loop while parsing DTD content.
libexpat before 2.7.5 allows a NULL pointer dereference with empty external parameter entity content.
GROWI OpenAI thread/message API endpoints do not perform authorization. Affected are v7.4.5 and earlier versions. A logged-in user who knows a shared AI assistant's identifier may view and/or tamper …
A vulnerability was determined in SSCMS up to 7.4.0. This vulnerability affects the function PathUtils.RemoveParentPath of the file /api/admin/plugins/install/actions/download. This manipulation of t…