Total CVEs

141,537

Critical Severity

3,871

High Severity

13,923

Last 7 Days

1,442
Quick preset (or use dates below)
Clear Filters
Showing 9,961 - 9,980 of 13,923 CVEs
CVE-2026-3734 HIGH - 7.3

A flaw has been found in SourceCodester Client Database Management System 1.0. Affected is an unknown function of the file /fetch_manager_details.php of the component Endpoint. This manipulation of the argument manager_id causes improper authorization. The attack can be initiated remotely. The explo...

Vendor: lerouxyxchire
Product: client_database_management_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3732 HIGH - 8.8

A security vulnerability has been detected in Tenda F453 1.0.0.3. This affects the function strcpy of the file /goform/exeCommand. The manipulation of the argument cmdinput leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed publicly a...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3730 HIGH - 7.3

A security flaw has been discovered in itsourcecode Free Hotel Reservation System 1.0. The affected element is an unknown function of the file /hotel/admin/mod_amenities/index.php?view=edit. Performing a manipulation of the argument amen_id/rmtype_id results in sql injection. The attack is possible ...

Vendor: itsourcecode
Product: free_hotel_reservation_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3729 HIGH - 8.8

A vulnerability was identified in Tenda F453 1.0.0.3/3.As. Impacted is the function fromPptpUserAdd of the file /goform/PPTPDClient. Such manipulation of the argument username/opttype leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and mig...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3728 HIGH - 8.8

A vulnerability was determined in Tenda F453 1.0.0.3/1.If. This issue affects the function fromSetCfm of the file /goform/setcfm. This manipulation of the argument funcname/funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly disc...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3727 HIGH - 8.8

A vulnerability was found in Tenda F453 1.0.0.3. This vulnerability affects the function sub_3C6C0 of the file /goform/QuickIndex. The manipulation of the argument mit_linktype/PPPOEPassword results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been made public...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3726 HIGH - 8.8

A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the p...

Vendor: tenda
Product: f453_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3723 HIGH - 7.3

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /Admindelete.php. The manipulation of the argument flightno results in sql injection. The attack may be performed from remote. The exploit has been released to t...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3715 HIGH - 8.8

A vulnerability was found in Wavlink WL-WN579X3-C 231124. This affects the function sub_40139C of the file /cgi-bin/firewall.cgi. Performing a manipulation of the argument del_flag results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made publi...

Vendor: wavlink
Product: wl-wn579x3-c_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3709 HIGH - 7.3

A weakness has been identified in code-projects Simple Flight Ticket Booking System 1.0. This affects an unknown function of the file /register.php. Executing a manipulation of the argument Username can lead to sql injection. The attack may be launched remotely. The exploit has been made available t...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3708 HIGH - 7.3

A security flaw has been discovered in code-projects Simple Flight Ticket Booking System 1.0. The impacted element is an unknown function of the file /login.php. Performing a manipulation of the argument Username results in sql injection. The attack may be initiated remotely. The exploit has been re...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3705 HIGH - 7.3

A vulnerability was found in code-projects Simple Flight Ticket Booking System 1.0. This issue affects some unknown processing of the file /Adminsearch.php. The manipulation of the argument flightno results in sql injection. It is possible to launch the attack remotely. The exploit has been made pub...

Vendor: carmelo
Product: simple_flight_ticket_booking_system
Published: Mar 08, 2026
Source: NVD
CVE-2026-3701 HIGH - 8.8

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function Edit_BasicSSID_5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclose...

Vendor: h3c
Product: magic_b1_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3700 HIGH - 8.8

A weakness has been identified in UTT HiPER 810G up to 1.7.7-171114. Affected is the function strcpy of the file /goform/formConfigDnsFilterGlobal. This manipulation causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be ...

Vendor: utt
Product: 810g_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3699 HIGH - 8.8

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks.

Vendor: utt
Product: 810g_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3698 HIGH - 8.8

A vulnerability was identified in UTT HiPER 810G up to 1.7.7-171114. This affects the function strcpy of the file /goform/NTP. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be used.

Vendor: utt
Product: 810g_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-30910 HIGH - 7.5

Crypt::Sodium::XS versions through 0.001000 for Perl has potential integer overflows. Combined aead encryption, combined signature creation, and bin2hex functions do not check that output size will be less than SIZE_MAX, which could lead to integer wraparound causing an undersized output buffer. Th...

Vendor: IAMB
Product: Crypt::Sodium::XS
Published: Mar 08, 2026
Source: NVD
CVE-2026-3696 HIGH - 7.3

A vulnerability was found in Totolink N300RH 6..1c.1353_B20190305. The affected element is the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation results in os command injection. The attack can be initiated remotely. The exploit has bee...

Vendor: totolink
Product: n300rh_firmware
Published: Mar 08, 2026
Source: NVD
CVE-2026-3693 HIGH - 7.3

A flaw has been found in Shy2593666979 AgentChat up to 2.3.0. This issue affects the function get_user_info/update_user_info of the file /src/backend/agentchat/api/v1/user.py of the component User Endpoint. This manipulation of the argument user_id causes improper control of resource identifiers. It...

Published: Mar 08, 2026
Source: NVD
CVE-2026-3679 HIGH - 8.8

A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mit_linktype/PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The ex...

Vendor: tenda
Product: f451_firmware
Published: Mar 07, 2026
Source: NVD