8.7

CVSS4.0

CVE-2026-32748 - Squid has Denial of Service in ICP Response handling

Squid is a caching proxy for the Web. Prior to version 7.5, due to premature release of resource during expected lifetime and heap Use-After-Free bugs, Squid is vulnerable to Denial of Service when handling ICP traffic. This problem allows a remote attacker to perform a reliable and repeatable Deni…

πŸ“… Published: March 26, 2026, 12:11 a.m. πŸ”„ Last Modified: March 27, 2026, 9:29 a.m.

6.1

CVSS3.1

CVE-2026-29933 -

A reflected cross-site scripting (XSS) vulnerability in the /index/login.html component of YZMCMS v7.4 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referrer value in the request header.

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 8:57 p.m.

6.1

CVSS3.1

CVE-2026-30162 - TimoΒ 2.0.3 Cross‑Site Scripting via Title Field Links

Cross Site Scripting (xss) vulnerability in Timo 2.0.3 via crafted links in the title field.

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 1:26 p.m.

6.2

CVSS3.1

CVE-2026-29976 - hcxpcapngtool: hcxtools: ZerBea hcxpcapngtool: Information disclosure via buffer overflow in getrad…

Buffer Overflow vulnerability in ZerBea hcxpcapngtool v. 7.0.1-43-g2ee308e allows a local attacker to obtain sensitive information via the getradiotapfield() function

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 1:26 p.m.

9.8

CVSS3.1

CVE-2026-30457 -

An issue in the /parser/dwoo component of Daylight Studio FuelCMS v1.5.2 allows attackers to execute arbitrary code via crafted PHP code.

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 8:57 p.m.

6.1

CVSS3.1

CVE-2026-29969 -

A cross-site scripting (XSS) vulnerability in the wff_cols_pref.css.aspx endpoint of staffwiki v7.0.1.19219 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted HTTP request.

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 8:57 p.m.

6.5

CVSS3.1

CVE-2026-29905 - Persistent Denial of Service via Malformed Image Upload in Kirby CMS

Kirby CMS through 5.1.4 allows an authenticated user with 'Editor' permissions to cause a persistent Denial of Service (DoS) via a malformed image upload. The application fails to properly validate the return value of the PHP getimagesize() function. When the system attempts to process this file fo…

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 1:26 p.m.

6.1

CVSS3.1

CVE-2026-29934 - Reflected XSS in LightCMS Admin Menus via Modified Referer

A reflected cross-site scripting (XSS) vulnerability in the /admin/menus component of Lightcms v2.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via modifying the referer value in the request header.

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 1:26 p.m.

7.7

CVSS3.1

CVE-2026-30463 - SQL Injection via Login Controller in FuelCMS 1.5.2

Daylight Studio FuelCMS v1.5.2 was discovered to contain a SQL injection vulnerability via the /controllers/Login.php component.

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 8:57 p.m.

0.0

CVE-2026-23396 - wifi: mac80211: fix NULL deref in mesh_matches_local()

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in mesh_matches_local() mesh_matches_local() unconditionally dereferences ie->mesh_config to compare mesh configuration parameters. When called from mesh_rx_csa_frame(), the parsed action-frame elem…

πŸ“… Published: March 26, 2026, midnight πŸ”„ Last Modified: March 30, 2026, 1:26 p.m.
Total resulsts: 341475
Page 102 of 34,148
Β« previous page Β» next page
Filters