CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
A stack-based buffer overflow vulnerability has been found in Tenda JD12L firmware version 16.03.53.23 in the formWifiBasicSet function of the /goform/WifiBasicSet file. An attacker can remotely exploit this flaw by manipulating the security_5g argument, potentially leading to arbitrary code execution.
A vulnerability was detected in Tenda JD12L 16.03.53.23, involving a stack-based buffer overflow in the fromSetWifiGusetBasic function of the /goform/WifiGuestSet file. An attacker can remotely exploit this by manipulating the shareSpeed argument.
A stack-based buffer overflow vulnerability has been detected in Tenda JD12L firmware version 16.03.53.23 in the formSetPPTPServer function of the /goform/SetPptpServerCfg file. Manipulation of the startIp argument allows remote exploitation. The exploit has been publicly disclosed and may be used.
A weakness has been identified in Chess Play and Learn App up to version 4.9.42 on Android, involving processing of AndroidManifest.xml in the com.chess component. This manipulation leads to exposure of backup file to an unauthorized control sphere. The attack requires physical access to the device.
A security flaw was discovered in MyScale MyScaleDB up to version 1.8.0 in the SegmentId::getCacheKey function within src/VectorIndex/Common/SegmentId.h. It involves insufficient verification of data authenticity, allowing remote attacks with high complexity. The exploit has been published, and a fix is pending acceptance.
A vulnerability was found in Databend up to version 1.2.881 on HTTP. The ClientSessionManager::state_key function in client_session_manager.rs allows authorization bypass. The attack can be performed remotely and the exploit is publicly available.
A vulnerability was found in VoltAgent up to version 2.1.17 in the Memory REST API component. The function handleGetMemoryConversation in memory.handlers.ts improperly authorizes access after manipulation of the conversationId argument. The attack can be performed remotely but is difficult to exploit due to high complexity.
A vulnerability was found in SimStudioAI sim up to version 0.6.92 in the password protection handler component (apps/sim/lib/core/security/deployment.ts). Manipulation leads to use of a weak hash, enabling a remote attack with high complexity. The exploit has been made public and a fix is pending.
A vulnerability was found in RAGapp up to version 0.1.5 in the FileHandler.upload_file/FileHandler.remove_file function in src/ragapp/backend/controllers/files.py. This flaw allows remote path traversal attacks.
A vulnerability was found in khoj-ai khoj up to version 2.0.0-beta.28 in the Conversation Sharing Handler function in src/khoj/routers/api_chat.py. Manipulation of the conversation.agent argument causes incorrect authorization, allowing remote exploitation without authentication.
A vulnerability was found in the Local VectorDB Primary-key Label Handler component of OpenViking up to version 0.3.21, where insufficient verification of data authenticity occurs when processing the ID argument in the str_to_uint64 function. The attack can be launched remotely but is highly complex and difficult to exploit.
The JoomCCK extension for Joomla exposes a front-end controller task that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterization.
A cross-site scripting vulnerability was found in Project Management System 1.0 in the /mail.php file (Mail Compose Page). The attack can be performed remotely and exploit details are publicly available.
A path traversal vulnerability was found in ANTLR4 up to version 4.13.2 in the getImportedVocabFile function of TokenVocabParser.java. The attack can be executed remotely and the exploit is publicly available.
A time-of-check time-of-use (TOCTOU) vulnerability has been found in ANTLR4 up to version 4.13.2 in the ObjectInputStream.readObject function of the GrammarDependencies.java file in the Maven Plugin component. The attack requires local access and is difficult to exploit, but an exploit has been published.
A vulnerability was found in ANTLR4 up to 4.13.2, affecting the GoTarget function in GoTarget.java. A local attacker can inject commands via the gofmt component, leading to unauthorized operations.
A vulnerability has been found in ANTLR4 up to version 4.13.2 in the grammar action block handler function within OutputFile.java. Input manipulation can lead to remote code injection. A public exploit is available for attacks.
A stored XSS vulnerability was found in the yashpokharna2555 restaurant management system in login_register.php. Manipulating the Username parameter in the Registration Handler allows remote script execution. The exploit is public and the vendor has not responded.
SQL Injection vulnerability in yashpokharna2555 restaurant-management-system. An attacker can remotely manipulate the 'email' argument in /forgotpassword.php, leading to SQL injection. Exploit is publicly available.
A SQL injection vulnerability was found in itsourcecode Hospital Management System 1.0 in the file /appointment.php. An unknown function mishandles the editid argument, allowing remote SQL injection. The exploit has been publicly disclosed and may be used.

