0.0

CVE-2021-35485 -

The Applications component of Nokia IMPACT version through 19.11.2.10-20210118042150283 allows an authenticated user to arbitrarily upload server-side executable files via the /ui/rest-proxy/application fileupload parameter. This can occur during the adding of a new application, or during the editi…

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 4, 2026, 2:54 p.m.

7.2

CVSS3.1

CVE-2025-67840 -

Multiple authenticated OS command injection vulnerabilities exist in the Cohesity (formerly Stone Ram) TranZman 4.0 Build 14614 through TZM_1757588060_SEP2025_FULL.depot web application API endpoints (including Scheduler and Actions pages). The appliance directly concatenates user-controlled parame…

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 3, 2026, 5:54 p.m.

0.0

CVE-2024-55019 -

Incorrect access control in the component download_wb.cgi of Weintek cMT-3072XH2 easyweb Web Version v2.1.53, OS v20231011 allows unauthenticated attack to download arbitrary files.

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 3, 2026, 6:32 p.m.

0.0

CVE-2025-62814 -

An issue was discovered in Samsung Mobile Processor Exynos 1280, 2200, 1380, 1480, and 2400. A NULL pointer dereference of ft_handle in load_fw_utc_vector() causes a denial of service.

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 4, 2026, 2:54 p.m.

2.7

CVSS3.1

CVE-2026-26886 -

Sourcecodester Online Men's Salon Management System v1.0 is vulnerable to SQL Injection in /admin/services/manage_service.php.

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 4, 2026, 3:02 p.m.

0.0

CVE-2024-55027 -

Weintek cMT-3072XH2 easyweb v2.1.53, OS v20231011 was discovered to stroe credentials in plaintext in the component uac_temp.db.

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 4, 2026, 2:42 p.m.

0.0

CVE-2025-70821 -

renren-secuity before v5.5.0 is vulnerable to SQL Injection in the BaseServiceImpl.java component

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 3, 2026, 2:39 p.m.

0.0

CVE-2025-66680 -

An issue in the WiseDelfile64.sys component of WiseCleaner Wise Force Deleter 7.3.2 and earlier allows attackers to delete arbitrary files via a crafted request.

πŸ“… Published: March 3, 2026, midnight πŸ”„ Last Modified: March 3, 2026, 3:38 p.m.

8.8

CVSS3.1

CVE-2026-1566 - LatePoint <= 5.2.7 - Authenticated (Agent+) Privilege Escalation

The LatePoint – Calendar Booking Plugin for Appointments and Events plugin for WordPress is vulnerable to privilege escalation via password reset in all versions up to, and including, 5.2.7. This is due to the plugin allowing users with a LatePoint Agent role, who are creating new customers to set …

πŸ“… Published: March 2, 2026, 11:22 p.m. πŸ”„ Last Modified: March 2, 2026, 11:22 p.m.

5.3

CVSS3.1

CVE-2026-1336 - AI ChatBot with ChatGPT and Content Generator by AYS <= 2.7.5 - Missing Authorization to Unauthenti…

The AI ChatBot with ChatGPT and Content Generator by AYS plugin for WordPress is vulnerable to unauthorized access and modification of data due to missing capability checks on the store_data() and get_chatgpt_api_key() functions in all versions up to, and including, 2.7.5. This makes it possible fo…

πŸ“… Published: March 2, 2026, 11:22 p.m. πŸ”„ Last Modified: March 2, 2026, 11:22 p.m.
Total resulsts: 335664
Page 23 of 33,567
Β« previous page Β» next page
Filters