CVE tracker
News monitoring: @irnewsagency

Main channel: @orgsecuritygate

Site: SecurityGate.org
CVE-2026-21643 - Fortinet FortiClientEMS SQL Injection

CVE ID : CVE-2026-21643
Published : Feb. 6, 2026, 8:24 a.m. | 23 minutes ago
Description : An improper neutralization of special elements used in an SQL command ('SQL injection') vulnerability in Fortinet FortiClientEMS 7.4.4 may allow an unauthenticated attacker to execute unauthorized code or commands via specifically crafted HTTP requests.
Severity: 9.1 | CRITICAL
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1499 - WP Duplicate <= 1.1.8 - Authenticated (Subscriber+) Arbitrary File Upload via 'process_add_site' AJAX Action

CVE ID : CVE-2026-1499
Published : Feb. 6, 2026, 8:25 a.m. | 23 minutes ago
Description : The WP Duplicate plugin for WordPress is vulnerable to Missing Authorization leading to Arbitrary File Upload in all versions up to and including 1.1.8. This is due to a missing capability check on the `process_add_site()` AJAX action combined with path traversal in the file upload functionality. This makes it possible for authenticated (subscriber-level) attackers to set the internal `prod_key_random_id` option, which can then be used by an unauthenticated attacker to bypass authentication checks and write arbitrary files to the server via the `handle_upload_single_big_file()` function, ultimately leading to remote code execution.
Severity: 0.0 | NA
CVE-2026-1785 - Code Snippets <= 3.9.4 - Cross-Site Request Forgery to Cloud Snippet Download/Update Actions

CVE ID : CVE-2026-1785
Published : Feb. 6, 2026, 8:25 a.m. | 23 minutes ago
Description : The Code Snippets plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.9.4. This is due to missing nonce validation on the cloud snippet download and update actions in the Cloud_Search_List_Table class. This makes it possible for unauthenticated attackers to force logged-in administrators to download or update cloud snippets without their consent via a crafted request, granted they can trick an administrator into visiting a malicious page.
Severity: 0.0 | NA
CVE-2026-1252 - Events Listing Widget <= 1.3.4 - Authenticated (Author+) Stored Cross-Site Scripting via Event URL Field

CVE ID : CVE-2026-1252
Published : Feb. 6, 2026, 8:25 a.m. | 23 minutes ago
Description : The Events Listing Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Event URL' parameter in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 0.0 | NA
CVE-2026-24914 - Canon Camera Type Confusion Vulnerability

CVE ID : CVE-2026-24914
Published : Feb. 6, 2026, 8:26 a.m. | 22 minutes ago
Description : Type confusion vulnerability in the camera module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 4.0 | MEDIUM
CVE-2026-24915 - Cisco Media Out-of-Bounds Read Vulnerability

CVE ID : CVE-2026-24915
Published : Feb. 6, 2026, 8:27 a.m. | 20 minutes ago
Description : Out-of-bounds read issue in the media subsystem. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 6.2 | MEDIUM
CVE-2026-24918 - Apache Communication Module Read Vulnerability

CVE ID : CVE-2026-24918
Published : Feb. 6, 2026, 8:29 a.m. | 19 minutes ago
Description : Address read vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.8 | MEDIUM
CVE-2026-24921 - Cisco HDC Module Read Vulnerability

CVE ID : CVE-2026-24921
Published : Feb. 6, 2026, 8:30 a.m. | 17 minutes ago
Description : Address read vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality.
Severity: 4.8 | MEDIUM
CVE-2026-2011 - itsourcecode Student Management System controller.php SQL injection

CVE ID : CVE-2026-2011
Published : Feb. 6, 2026, 8:32 a.m. | 16 minutes ago
Description : A vulnerability was found in itsourcecode Student Management System 1.0. The affected element is an unknown function of the file /ramonsys/enrollment/controller.php. The manipulation of the argument ID results in SQL injection. The attack can be launched remotely. The exploit has been made public and could be used.
Severity: 0.0 | NA
CVE-2026-24922 - Cisco HDC Buffer Overflow Vulnerability

CVE ID : CVE-2026-24922
Published : Feb. 6, 2026, 8:32 a.m. | 16 minutes ago
Description : Buffer overflow vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.9 | MEDIUM
CVE-2026-24923 - HPDC HDC Permission Control Vulnerability

CVE ID : CVE-2026-24923
Published : Feb. 6, 2026, 8:39 a.m. | 9 minutes ago
Description : Permission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.3 | MEDIUM
CVE-2026-24929 - Adobe Flash Out-of-bounds Read Vulnerability

CVE ID : CVE-2026-24929
Published : Feb. 6, 2026, 8:41 a.m. | 6 minutes ago
Description : Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
CVE-2026-24930 - Adobe Flash UAF Concurrency Vulnerability

CVE ID : CVE-2026-24930
Published : Feb. 6, 2026, 8:42 a.m. | 5 minutes ago
Description : UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 8.4 | HIGH
CVE-2026-24917 - Apache Security Module Use-After-Free Vulnerability

CVE ID : CVE-2026-24917
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.5 | MEDIUM
CVE-2026-24919 - Adobe DFX Out-of-Bounds Write Vulnerability

CVE ID : CVE-2026-24919
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.0 | MEDIUM
CVE-2026-24931 - Verifone Card Module Information Disclosure Vulnerability

CVE ID : CVE-2026-24931
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.9 | MEDIUM
CVE-2026-2012 - itsourcecode Student Management System index.php SQL injection

CVE ID : CVE-2026-2012
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /ramonsys/facultyloading/index.php. This manipulation of the argument ID causes SQL injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
CVE-2026-24920 - Adobe Experience Manager (AEM) Permission Control Vulnerability - Availability

CVE ID : CVE-2026-24920
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.2 | MEDIUM
CVE-2026-24924 - HP Print Module Privilege Escalation Vulnerability

CVE ID : CVE-2026-24924
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.1 | MEDIUM
CVE-2026-24927 - Siemens Frequency Modulation Out-of-Bounds Access Vulnerability

CVE ID : CVE-2026-24927
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.5 | MEDIUM
CVE-2026-24928 - Apache File System Out-of-Bounds Write Vulnerability

CVE ID : CVE-2026-24928
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.8 | MEDIUM