Latest CVE Feed

Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.

Score
Vulnerability
Published
5.0 MEDIUM
CVE-2026-16229 — itsourcecode Courier Management System index.php cross site scripting

A flaw has been found in itsourcecode Courier Management System up to 1.0. Affected by this vulnerability is an unknown functionality of the file /index.php. Executing a manipulation of the argument …

courier_management_system | Remote | Cross-Site Scripting
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
7.5 HIGH
CVE-2026-16228 — SourceCodester Class and Exam Timetabling System edit_schoolyr.php sql injection

A vulnerability was detected in SourceCodester Class and Exam Timetabling System 1.0. Affected is an unknown function of the file /edit_schoolyr.php. Performing a manipulation of the argument ID resu…

class_and_exam_timetabling_system | Remote | Injection
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
7.5 HIGH
CVE-2026-16227 — SourceCodester Class and Exam Timetabling System edit_subject.php sql injection

A security vulnerability has been detected in SourceCodester Class and Exam Timetabling System 1.0. This impacts an unknown function of the file /edit_subject.php. Such manipulation of the argument I…

class_and_exam_timetabling_system | Remote | Injection
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53380 — media: rzv2h-ivc: Fix concurrent buffer list access

In the Linux kernel, the following vulnerability has been resolved: media: rzv2h-ivc: Fix concurrent buffer list access The list of buffers (`rzv2h_ivc::buffers.queue`) is protected by a spinlock (…

| Race Condition
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53379 — media: i2c: ov8856: free control handler on error in ov8856_init_controls()

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov8856: free control handler on error in ov8856_init_controls() The control handler wasn't freed if adding controls f…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53378 — drm/colorop: Fix blob property reference tracking in state lifecycle

In the Linux kernel, the following vulnerability has been resolved: drm/colorop: Fix blob property reference tracking in state lifecycle The colorop state blob property handling had memory leaks du…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53377 — drm/msm: always recover the gpu

In the Linux kernel, the following vulnerability has been resolved: drm/msm: always recover the gpu Previously, in case there was no more work to do, recover worker wouldn't trigger recovery and wo…

| Denial of Service
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53376 — drm/amdkfd: Add upper bound check for num_of_nodes

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Add upper bound check for num_of_nodes drm/amdkfd: Add upper bound check for num_of_nodes in kfd_ioctl_get_process_ap…

Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53375 — drm/amdgpu/vce: Prevent partial address patches

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vce: Prevent partial address patches In the case that only one of lo/hi is valid, the patching could result in a bad a…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53374 — drm/amdgpu: zero-initialize GART table on allocation

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: zero-initialize GART table on allocation GART TLB is flushed after unmapping but not after mapping. Since amdgpu_bo_c…

| Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53373 — mm/vma: do not try to unmap a VMA if mmap_prepare() invoked from mmap()

In the Linux kernel, the following vulnerability has been resolved: mm/vma: do not try to unmap a VMA if mmap_prepare() invoked from mmap() The mmap_prepare hook functionality includes the ability …

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53372 — iommu/vt-d: Block PASID attachment to nested domain with dirty tracking

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Block PASID attachment to nested domain with dirty tracking Kernel lacks dirty tracking support on nested domain atta…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53371 — RDMA/ionic: bound node_desc sysfs read with %.64s

In the Linux kernel, the following vulnerability has been resolved: RDMA/ionic: bound node_desc sysfs read with %.64s node_desc[64] in struct ib_device is not guaranteed to be NUL- terminated. The …

| Information Disclosure
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53370 — perf/x86/intel: Improve validation and configuration of ACR masks

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Improve validation and configuration of ACR masks Currently there are several issues on the user space ACR mask v…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53369 — udf: reject descriptors with oversized CRC length

In the Linux kernel, the following vulnerability has been resolved: udf: reject descriptors with oversized CRC length udf_read_tagged() skips CRC verification when descCRCLength + sizeof(struct tag…

| Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53368 — f2fs: fix fsck inconsistency caused by incorrect nat_entry flag usage

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix fsck inconsistency caused by incorrect nat_entry flag usage f2fs_need_dentry_mark() reads nat_entry flags without mutua…

| Race Condition
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
0.0 NA
CVE-2026-53367 — selinux: fix avdcache auditing

In the Linux kernel, the following vulnerability has been resolved: selinux: fix avdcache auditing The per-task avdcache was incorrectly saving and reusing the audited vector computed by avc_audit_…

| Authorization
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
5.8 MEDIUM
CVE-2026-16226 — SourceCodester Pizzafy Ecommerce System admin_class_novo.php save_settings unrestricted u…

A weakness has been identified in SourceCodester Pizzafy Ecommerce System 1.0. This affects the function save_settings of the file /admin/admin_class_novo.php. This manipulation of the argument img c…

pizzafy_ecommerce_system | Remote | Misconfiguration
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
6.5 MEDIUM
CVE-2026-16225 — davenardella snap7 s7_peer.cpp NegotiatePDULength out-of-bounds write

A security flaw has been discovered in davenardella snap7 up to 1.4.3. The impacted element is the function TSnap7Peer::NegotiatePDULength of the file src/core/s7_peer.cpp. The manipulation of the ar…

snap7 | Remote | Memory Corruption
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
5.3 MEDIUM
CVE-2026-16224 — jxxghp MoviePilot Application API improper authorization

A vulnerability was identified in jxxghp MoviePilot up to 2.13.5. The affected element is an unknown function of the file /jxxghp/MoviePilot of the component Application API. The manipulation leads t…

Remote | Authorization
Jul 19, 2026 Jul 19, 2026
Jul 19, 2026
Jul 19, 2026
Showing 20 of 7788 Results