10

CVSS4.0

CVE-2026-24871 - Code injection in Minecraft-Rcon-Manage

Improper Control of Generation of Code ('Code Injection') vulnerability in pilgrimage233 Minecraft-Rcon-Manage.This issue affects Minecraft-Rcon-Manage: before 3.0.

๐Ÿ“… Published: Jan. 27, 2026, 3:50 p.m. ๐Ÿ”„ Last Modified: Jan. 29, 2026, 4:31 p.m.

3.7

CVSS3.1

CVE-2026-24870 - Information disclosure in ixray-1.6-stcop

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

๐Ÿ“… Published: Jan. 27, 2026, 3:47 p.m. ๐Ÿ”„ Last Modified: Feb. 5, 2026, 5:02 p.m.

9.8

CVSS3.1

CVE-2026-24832 - Out-of-bounds write in ixray-1.6-stcop

Out-of-bounds Write vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

๐Ÿ“… Published: Jan. 27, 2026, 3:43 p.m. ๐Ÿ”„ Last Modified: Feb. 5, 2026, 5:02 p.m.

7.5

CVSS3.1

CVE-2026-24831 - Infinite loop (DoS) in ixray-1.6-stcop

Loop with Unreachable Exit Condition ('Infinite Loop') vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3.

๐Ÿ“… Published: Jan. 27, 2026, 3:40 p.m. ๐Ÿ”„ Last Modified: Feb. 5, 2026, 5:02 p.m.

7.8

CVSS3.1

CVE-2026-0648 -

The vulnerability stems from an incorrect error-checking logic in the CreateCounter()ย function (in threadx/utility/rtos_compatibility_layers/OSEK/tx_osek.c) when handling the return value of osek_get_counter(). Specifically, the current code checks if cntr_idย equals 0uย to determine failure, but @osโ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 3:40 p.m. ๐Ÿ”„ Last Modified: April 2, 2026, 8:30 p.m.

4.2

CVSS3.1

CVE-2025-55095 -

The function _ux_host_class_storage_media_mount()ย is responsible for mounting partitions on a USB mass storage device. When it encounters an extended partition entry in the partition table, it recursively calls itself to mount the next logical partition. This recursion occurs in _ux_host_class_stoโ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 3:34 p.m. ๐Ÿ”„ Last Modified: April 2, 2026, 8:28 p.m.

8.7

CVSS4.0

CVE-2025-55102 -

A denial-of-service vulnerability exists in the NetX IPv6 component functionality of Eclipse ThreadX NetX Duo. A specially crafted network packet of "Packet Too Big" with more than 15 different source address can lead to denial of service. An attacker can send a malicious packet to trigger this vulโ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 3:25 p.m. ๐Ÿ”„ Last Modified: April 2, 2026, 8:30 p.m.

8.8

CVSS4.0

CVE-2021-47902 - Testa Online Test Management System 3.4.7 - 'q' SQL Injection

Testa Online Test Management System 3.4.7 contains a SQL injection vulnerability that allows attackers to manipulate database queries through the 'q' search parameter. Attackers can inject malicious SQL code in the search field to extract database information, potentially accessing sensitive user oโ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 3:23 p.m. ๐Ÿ”„ Last Modified: March 5, 2026, 1:29 a.m.

5.1

CVSS4.0

CVE-2021-47901 - dirsearch 0.4.1 - CSV Injection

Dirsearch 0.4.1 contains a CSV injection vulnerability when using the --csv-report flag that allows attackers to inject formulas through redirected endpoints. Attackers can craft malicious server redirects with comma-separated paths containing Excel formulas to manipulate the generated CSV report.

๐Ÿ“… Published: Jan. 27, 2026, 3:23 p.m. ๐Ÿ”„ Last Modified: Jan. 29, 2026, 4:31 p.m.

9.3

CVSS4.0

CVE-2021-47900 - Gila CMS < 2.0.0 - Remote Code Execution

Gila CMS versions prior to 2.0.0 contain a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary system commands through manipulated HTTP headers. Attackers can inject PHP code in the User-Agent header with shell_exec() to run system commands by sending crafโ€ฆ

๐Ÿ“… Published: Jan. 27, 2026, 3:23 p.m. ๐Ÿ”„ Last Modified: March 5, 2026, 1:29 a.m.
Total resulsts: 343944
Page 1408 of 34,395
ยซ previous page ยป next page
Filters