5.3

CVSS4.0

CVE-2026-7743 - CodeAstro Online Classroom studentdetails sql injection

A vulnerability has been found in CodeAstro Online Classroom 1.0. The impacted element is an unknown function of the file /OnlineClassroom/studentdetails. The manipulation of the argument deleteid leads to sql injection. The attack is possible to be carried out remotely. The exploit has been disclo…

πŸ“… Published: May 4, 2026, 7:15 a.m. πŸ”„ Last Modified: May 4, 2026, 7:15 a.m.

5.3

CVSS4.0

CVE-2026-7742 - CodeAstro Online Classroom facultylogin sql injection

A flaw has been found in CodeAstro Online Classroom 1.0. The affected element is an unknown function of the file /OnlineClassroom/facultylogin. Executing a manipulation of the argument fid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used.

πŸ“… Published: May 4, 2026, 7 a.m. πŸ”„ Last Modified: May 4, 2026, 7 a.m.

5.3

CVSS4.0

CVE-2026-7741 - CodeAstro Online Classroom studentlogin sql injection

A vulnerability was detected in CodeAstro Online Classroom 1.0. Impacted is an unknown function of the file /OnlineClassroom/studentlogin. Performing a manipulation of the argument sid results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

πŸ“… Published: May 4, 2026, 6:45 a.m. πŸ”„ Last Modified: May 4, 2026, 6:45 a.m.

4.8

CVSS4.0

CVE-2026-7740 - justdan96 tsMuxer vvc.cpp setFPS denial of service

A security vulnerability has been detected in justdan96 tsMuxer up to 2.7.0. This issue affects the function VvcVpsUnit::setFPS of the file tsMuxer/vvc.cpp. Such manipulation of the argument track_id leads to denial of service. An attack has to be approached locally. The exploit has been disclosed …

πŸ“… Published: May 4, 2026, 6:30 a.m. πŸ”„ Last Modified: May 4, 2026, 6:30 a.m.

4.8

CVSS4.0

CVE-2026-7739 - justdan96 tsMuxer hevc.cpp setFPS denial of service

A weakness has been identified in justdan96 tsMuxer up to 2.7.0. This vulnerability affects the function HevcVpsUnit::setFPS of the file /AFLplusplus/tsMuxer_prev/tsMuxer/hevc.cpp. This manipulation of the argument track_id causes denial of service. The attack requires local access. The exploit has…

πŸ“… Published: May 4, 2026, 6:15 a.m. πŸ”„ Last Modified: May 4, 2026, 6:15 a.m.

2.5

CVSS3.1

CVE-2026-43864 -

mutt before 2.3.2 has a show_sig_summary NULL pointer dereference.

πŸ“… Published: May 4, 2026, 6:10 a.m. πŸ”„ Last Modified: May 4, 2026, 6:11 a.m.

3.7

CVSS3.1

CVE-2026-43863 -

mutt before 2.3.2 has an infinite loop in data_object_to_stream in crypt-gpgme.c.

πŸ“… Published: May 4, 2026, 6:05 a.m. πŸ”„ Last Modified: May 4, 2026, 6:06 a.m.

3.7

CVSS3.1

CVE-2026-43862 -

In mutt before 2.3.2, the imap_auth_gss security level is mishandled.

πŸ“… Published: May 4, 2026, 6 a.m. πŸ”„ Last Modified: May 4, 2026, 6:01 a.m.

5.3

CVSS4.0

CVE-2026-7738 - puchunjie doc-tools-mcp MCP mcp-server.ts open_document path traversal

A security flaw has been discovered in puchunjie doc-tools-mcp 1.0.18. This affects the function create_document/open_document of the file src/mcp-server.ts of the component MCP Interface. The manipulation of the argument filePath results in path traversal. The attack can be launched remotely. The …

πŸ“… Published: May 4, 2026, 6 a.m. πŸ”„ Last Modified: May 4, 2026, 6 a.m.

0.0

CVE-2026-5335 - Magic Export & Import < 1.2.0 - Unauthenticated PII Disclosure

The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly accessible location, making it possible for any visitors to leak sensitive user information.

πŸ“… Published: May 4, 2026, 6 a.m. πŸ”„ Last Modified: May 4, 2026, 6 a.m.
Total resulsts: 347815
Page 2 of 34,782
Β« previous page Β» next page
Filters