Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
7.5 HIGH
CVE-2026-14768 — code-projects Real State Services builderHome.php sql injection

A weakness has been identified in code-projects Real State Services 1.0. This vulnerability affects unknown code of the file /builderHome.php. This manipulation of the argument loc causes sql injecti…

real_state_services | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14767 — CodeAstro Ecommerce Website POST Parameter confirm.php sql injection

A security flaw has been discovered in CodeAstro Ecommerce Website 1.0. This affects an unknown part of the file /ecommerce-website-php/customer/confirm.php of the component POST Parameter Handler. T…

ecommerce_website | Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
6.5 MEDIUM
CVE-2026-14766 — CodeAstro Apartment Visitor Management System POST Parameter search-result.php sql inject…

A vulnerability was identified in CodeAstro Apartment Visitor Management System 1.0. Affected by this issue is some unknown functionality of the file /apartment-visitor/search-result.php of the compo…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.1 HIGH
CVE-2026-59510 — Authenticated Path Traversal in AIL Framework PDF Object Handling Enables Potential Arbit…

AIL Framework contains a path traversal vulnerability in its PDF object handling. Prior to commit 14c618fce4d1df02358717c48ea903706abecdf2, the PDF.get_filepath() function constructed a file path by …

Remote | Path Traversal
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14764 — code-projects Hotel and Tourism Reservation Event Management add_event.php sql injection

A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. This impacts an unknown function of the file /admin/add_event.php of the component Event Management Page. Such manip…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14763 — code-projects Hotel and Tourism Reservation Tour Reservations tour_reserves.php sql injec…

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. This affects an unknown function of the file /admin/tour_reserves.php of the component Tour Reservations Page. This manipulat…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14762 — code-projects Hotel and Tourism Reservation Room Management rooms.php sql injection

A vulnerability was detected in code-projects Hotel and Tourism Reservation 1.0. The impacted element is an unknown function of the file /admin/rooms.php of the component Room Management Page. The ma…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14761 — radareorg radare2 str.c r_str_append integer overflow

A security vulnerability has been detected in radareorg radare2 up to 6.1.6. The affected element is the function r_str_ndup/r_str_append of the file libr/util/str.c. The manipulation leads to intege…

| Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14760 — radareorg radare2 regprofile disasm.c r_core_seek_arch_bits use after free

A weakness has been identified in radareorg radare2 up to 6.1.6. Impacted is the function r_core_seek_arch_bits of the file libr/core/disasm.c of the component regprofile Handler. Executing a manipul…

| Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14759 — radareorg radare2 RBinJava Line Number Table class.c r_bin_java_inner_classes_attr_calc_s…

A security flaw has been discovered in radareorg radare2 up to 6.1.6. This issue affects the function r_bin_java_inner_classes_attr_calc_size of the file shlr/java/class.c of the component RBinJava L…

| Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
8.8 HIGH
CVE-2026-9085 — DNS Hijacking in TUBITAK BILGEM's Pardus-Parental-Control

Incorrect Permission Assignment for Critical Resource, Improper Access Control vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus-Parental-Control allows DNS Spoofing. T…

| Authorization
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.8 HIGH
CVE-2026-6509 — Privilege Escalation in TUBITAK BILGEM's Pardus Update

Missing Authorization vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Update allows Privilege Escalation. This issue affects Pardus Update: from <=0.6.3 before 0.6.6.

| Authorization
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.3 LOW
CVE-2026-14758 — radareorg radare2 hexpairs cmd_anal.inc.c cmd_anal_opcode integer overflow

A vulnerability was identified in radareorg radare2 up to 6.1.6. This vulnerability affects the function cmd_anal_opcode of the file libr/core/cmd_anal.inc.c of the component hexpairs Parser. Such ma…

| Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
5.3 MEDIUM
CVE-2026-14757 — radareorg radare2 cmd_anal.inc core_anal_bytes integer overflow

A vulnerability was determined in radareorg radare2 up to 6.1.6. This affects the function core_anal_bytes of the file libr/core/cmd_anal.inc. This manipulation causes integer overflow. The attack ne…

| Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14756 — code-projects Hotel and Tourism Reservation Tour Management add_tour.php sql injection

A vulnerability was found in code-projects Hotel and Tourism Reservation 1.0. Affected by this issue is some unknown functionality of the file /admin/add_tour.php of the component Tour Management Pag…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14755 — code-projects Hotel and Tourism Reservation Reservations Management reservations.php sql …

A vulnerability has been found in code-projects Hotel and Tourism Reservation 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/reservations.php of the component Rese…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
3.9 LOW
CVE-2026-12386 — Buffer Overflow in TUBITAK BILGEM's Pardus Pen

Improper null termination vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Pen allows Overflow Buffers. This issue affects Pardus Pen: from <=4.1.5 before 4.2.1.

| Memory Corruption
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.9 HIGH
CVE-2026-12250 — Sensitive Data Exposure in TUBITAK BILGEM's Pardus Domain Joiner

Invocation of process using visible sensitive information vulnerability in TUBITAK BILGEM Software Technologies Research Institute Pardus Domain Joiner allows Excavation. This issue affects Pardus D…

| Information Disclosure
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14754 — code-projects Hotel and Tourism Reservation add_room.php sql injection

A flaw has been found in code-projects Hotel and Tourism Reservation 1.0. Affected is an unknown function of the file /admin/add_room.php. Executing a manipulation of the argument delete_image/edit/d…

Remote | Injection
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
7.5 HIGH
CVE-2026-14753 — mjperpinosa stumasy Note Handler/Assignment notes authorization

A vulnerability was detected in mjperpinosa stumasy up to 327d1b0f2915ba79d7ef8ebb74553e987609d9be. This impacts an unknown function of the file /PHP/objects/notes of the component Note Handler/Assig…

stumasy | Remote | Authorization
Jul 05, 2026 Jul 05, 2026
Jul 05, 2026
Jul 05, 2026
Showing 20 of 7388 Results