CVE-2026-24923 - "HPDC HDC Permission Control Vulnerability"
CVE ID : CVE-2026-24923
Published : Feb. 6, 2026, 8:39 a.m. | 9 minutes ago
Description : Permission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24923
Published : Feb. 6, 2026, 8:39 a.m. | 9 minutes ago
Description : Permission control vulnerability in the HDC module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24929 - Adobe Flash Out-of-bounds Read Vulnerability
CVE ID : CVE-2026-24929
Published : Feb. 6, 2026, 8:41 a.m. | 6 minutes ago
Description : Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24929
Published : Feb. 6, 2026, 8:41 a.m. | 6 minutes ago
Description : Out-of-bounds read vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24930 - Adobe Flash UAF Concurrency Vulnerability
CVE ID : CVE-2026-24930
Published : Feb. 6, 2026, 8:42 a.m. | 5 minutes ago
Description : UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24930
Published : Feb. 6, 2026, 8:42 a.m. | 5 minutes ago
Description : UAF concurrency vulnerability in the graphics module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 8.4 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24917 - Apache Security Module Use-After-Free Vulnerability
CVE ID : CVE-2026-24917
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24917
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : UAF vulnerability in the security module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24919 - "Adobe DFX Out-of-Bounds Write Vulnerability"
CVE ID : CVE-2026-24919
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24919
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : Out-of-bounds write vulnerability in the DFX module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.0 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24931 - Verifone Card Module Information Disclosure Vulnerability
CVE ID : CVE-2026-24931
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24931
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : Vulnerability of improper criterion security check in the card module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.9 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2012 - itsourcecode Student Management System index.php sql injection
CVE ID : CVE-2026-2012
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /ramonsys/facultyloading/index.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2012
Published : Feb. 6, 2026, 9:15 a.m. | 3 hours, 32 minutes ago
Description : A vulnerability was determined in itsourcecode Student Management System 1.0. The impacted element is an unknown function of the file /ramonsys/facultyloading/index.php. This manipulation of the argument ID causes sql injection. The attack may be initiated remotely. The exploit has been publicly disclosed and may be utilized.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24920 - Adobe Experience Manager (AEM) Permission Control Vulnerability - Availability
CVE ID : CVE-2026-24920
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24920
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Permission control vulnerability in the AMS module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 6.2 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24924 - HP Print Module Privilege Escalation Vulnerability
CVE ID : CVE-2026-24924
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24924
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Vulnerability of improper permission control in the print module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 6.1 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24927 - "Siemens Frequency Modulation Out-of-Bounds Access Vulnerability"
CVE ID : CVE-2026-24927
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24927
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Out-of-bounds access vulnerability in the frequency modulation module. Impact: Successful exploitation of this vulnerability may affect availability.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-24928 - Apache File System Out-of-Bounds Write Vulnerability
CVE ID : CVE-2026-24928
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-24928
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : Out-of-bounds write vulnerability in the file system module. Impact: Successful exploitation of this vulnerability may affect service confidentiality.
Severity: 5.8 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2013 - itsourcecode Student Management System index.php sql injection
CVE ID : CVE-2026-2013
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2013
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : A vulnerability was identified in itsourcecode Student Management System 1.0. This affects an unknown function of the file /ramonsys/soa/index.php. Such manipulation of the argument ID leads to sql injection. The attack may be launched remotely. The exploit is publicly available and might be used.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2014 - itsourcecode Student Management System index.php sql injection
CVE ID : CVE-2026-2014
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2014
Published : Feb. 6, 2026, 10:16 a.m. | 2 hours, 32 minutes ago
Description : A security flaw has been discovered in itsourcecode Student Management System 1.0. This impacts an unknown function of the file /ramonsys/billing/index.php. Performing a manipulation of the argument ID results in sql injection. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.
Severity: 7.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2015 - Portabilis i-Educar Final Status Import FinalStatusImportService.php improper authorization
CVE ID : CVE-2026-2015
Published : Feb. 6, 2026, 11:15 a.m. | 1 hour, 32 minutes ago
Description : A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument school_id can lead to improper authorization. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2015
Published : Feb. 6, 2026, 11:15 a.m. | 1 hour, 32 minutes ago
Description : A weakness has been identified in Portabilis i-Educar up to 2.10. Affected is an unknown function of the file FinalStatusImportService.php of the component Final Status Import. Executing a manipulation of the argument school_id can lead to improper authorization. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 6.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2018 - itsourcecode School Management System controller.php sql injection
CVE ID : CVE-2026-2018
Published : Feb. 6, 2026, 12:02 p.m. | 46 minutes ago
Description : A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2018
Published : Feb. 6, 2026, 12:02 p.m. | 46 minutes ago
Description : A flaw has been found in itsourcecode School Management System 1.0. This affects an unknown part of the file /ramonsys/settings/controller.php. This manipulation of the argument ID causes sql injection. It is possible to initiate the attack remotely. The exploit has been published and may be used.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-1293 - Yoast SEO <= 26.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'yoast-schema' Block Attribute
CVE ID : CVE-2026-1293
Published : Feb. 6, 2026, 12:16 p.m. | 32 minutes ago
Description : The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the `yoast-schema` block attribute in all versions up to, and including, 26.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-1293
Published : Feb. 6, 2026, 12:16 p.m. | 32 minutes ago
Description : The Yoast SEO – Advanced SEO with real-time guidance and built-in AI plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the the `yoast-schema` block attribute in all versions up to, and including, 26.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Severity: 6.4 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2016 - happyfish100 libfastcommon base64.c base64_decode stack-based overflow
CVE ID : CVE-2026-2016
Published : Feb. 6, 2026, 12:16 p.m. | 32 minutes ago
Description : A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 82f66af3e252e3e137dba0c3891570f085e79adf. Applying a patch is the recommended action to fix this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2016
Published : Feb. 6, 2026, 12:16 p.m. | 32 minutes ago
Description : A security vulnerability has been detected in happyfish100 libfastcommon up to 1.0.84. Affected by this vulnerability is the function base64_decode of the file src/base64.c. The manipulation leads to stack-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed publicly and may be used. The identifier of the patch is 82f66af3e252e3e137dba0c3891570f085e79adf. Applying a patch is the recommended action to fix this issue.
Severity: 5.3 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2017 - IP-COM W30AP POST Request wx3auth R7WebsSecurityHandler stack-based overflow
CVE ID : CVE-2026-2017
Published : Feb. 6, 2026, 12:16 p.m. | 32 minutes ago
Description : A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2017
Published : Feb. 6, 2026, 12:16 p.m. | 32 minutes ago
Description : A vulnerability was detected in IP-COM W30AP up to 1.0.0.11(1340). Affected by this issue is the function R7WebsSecurityHandler of the file /goform/wx3auth of the component POST Request Handler. The manipulation of the argument data results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Severity: 10.0 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2054 - D-Link DIR-605L/DIR-619L Wifi Setting information disclosure
CVE ID : CVE-2026-2054
Published : Feb. 6, 2026, 12:32 p.m. | 16 minutes ago
Description : A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2054
Published : Feb. 6, 2026, 12:32 p.m. | 16 minutes ago
Description : A security flaw has been discovered in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. Impacted is an unknown function of the component Wifi Setting Handler. Performing a manipulation results in information disclosure. The attack may be initiated remotely. The exploit has been released to the public and may be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 0.0 | NA
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2026-2055 - D-Link DIR-605L/DIR-619L DHCP Client Information information disclosure
CVE ID : CVE-2026-2055
Published : Feb. 6, 2026, 1:15 p.m. | 3 hours, 33 minutes ago
Description : A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2026-2055
Published : Feb. 6, 2026, 1:15 p.m. | 3 hours, 33 minutes ago
Description : A weakness has been identified in D-Link DIR-605L and DIR-619L 2.06B01/2.13B01. The affected element is an unknown function of the component DHCP Client Information Handler. Executing a manipulation can lead to information disclosure. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks. This vulnerability only affects products that are no longer supported by the maintainer.
Severity: 5.5 | MEDIUM
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE-2025-13818 - Local privilege escalation in ESET Management Agent for Windows
CVE ID : CVE-2025-13818
Published : Feb. 6, 2026, 2:16 p.m. | 2 hours, 32 minutes ago
Description : Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE ID : CVE-2025-13818
Published : Feb. 6, 2026, 2:16 p.m. | 2 hours, 32 minutes ago
Description : Local privilege escalation vulnerability via insecure temporary batch file execution in ESET Management Agent
Severity: 8.3 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...