Aggregator

CVE-2026-22558 | Ubiquiti UniFi Network Application up to 9.0.117/10.1.88/10.2.96 NoSQL data query logic injection (WID-SEC-2026-0784)

VulDB Recent Entries
1 week 2 days ago
A vulnerability marked as critical has been reported in Ubiquiti UniFi Network Application up to 9.0.117/10.1.88/10.2.96. Impacted is an unknown function of the component NoSQL. The manipulation leads to improper neutralization of special elements in data query logic. This vulnerability is traded as CVE-2026-22558. It is possible to initiate the attack remotely. There is no exploit available. It is suggested to upgrade the affected component.
vuldb.com

CVE-2026-22557 | Ubiquiti UniFi Network Application up to 9.0.117/10.1.88/10.2.96 path traversal (WID-SEC-2026-0784)

VulDB Recent Entries
1 week 2 days ago
A vulnerability identified as critical has been detected in Ubiquiti UniFi Network Application up to 9.0.117/10.1.88/10.2.96. This vulnerability affects unknown code. Performing a manipulation results in path traversal. This vulnerability is reported as CVE-2026-22557. The attack is possible to be carried out remotely. No exploit exists. You should upgrade the affected component.
vuldb.com

CVE-2026-4427 | Red Hat Assisted Installer for OpenShift Container Platform 2 pgproto3 array index

VulDB Recent Entries
1 week 2 days ago
A vulnerability was found in Red Hat Assisted Installer for OpenShift Container Platform 2, Multicluster Engine for Kubernetes, Multicluster Global Hub, Advanced Cluster Management for Kubernetes 2, Advanced Cluster Security 4, Enterprise Linux 10, Enterprise Linux 8, Enterprise Linux 9, OpenShift AI, OpenShift Cluster Manager CLI, OpenShift Container Platform 4, OpenShift on AWS, Quay 3 and Trusted Artifact Signer. It has been rated as problematic. Affected by this issue is some unknown functionality of the component pgproto3. This manipulation causes improper validation of array index. This vulnerability is registered as CVE-2026-4427. Remote exploitation of the attack is possible. No exploit is available.
vuldb.com

CISA Urges Organizations to Secure Microsoft Intune Environments Following Stryker Breach

Cyber Security News
1 week 2 days ago

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert urging organizations to harden their endpoint management system configurations following a cyberattack on Stryker Corporation, a U.S.-based medical technology firm, on March 11, 2026. The attack targeted Stryker’s Microsoft environment and has prompted CISA to coordinate with the Federal Bureau of Investigation […]

The post CISA Urges Organizations to Secure Microsoft Intune Environments Following Stryker Breach appeared first on Cyber Security News.

Abinaya

CVE-2026-32843 | LinkItONEDevGroup Location Aware Sensor System up to f06bd20 URL PM25.php cross site scripting

VulDB Recent Entries
1 week 2 days ago
A vulnerability was found in LinkItONEDevGroup Location Aware Sensor System up to f06bd20. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file PM25.php of the component URL Handler. The manipulation results in cross site scripting. This vulnerability is cataloged as CVE-2026-32843. The attack may be launched remotely. There is no exploit available.
vuldb.com

INC

Dark Feed IO
1 week 2 days ago

You must login to view this content

cohenido

CVE-2026-32117 | ekacnet grafanacubism-panel up to 0.1.2 cubism.js assign cross site scripting (GHSA-q6fh-6m3m-5948)

Vuldb Updates
1 week 2 days ago
A vulnerability categorized as problematic has been discovered in ekacnet grafanacubism-panel up to 0.1.2. This affects the function assign of the file cubism.js. Executing a manipulation can lead to cross site scripting. This vulnerability appears as CVE-2026-32117. The attack may be performed from remote. There is no available exploit. It is best practice to apply a patch to resolve this issue.
vuldb.com

CVE-2019-25482 | Jettweb Hazir Rent A Car Sitesi Scripti 2.0 POST Request arac_kategori_id sql injection (Exploit 46624)

Vuldb Updates
1 week 2 days ago
A vulnerability was found in Jettweb Hazir Rent A Car Sitesi Scripti 2.0. It has been rated as critical. Affected is an unknown function of the component POST Request Handler. Performing a manipulation of the argument arac_kategori_id results in sql injection. This vulnerability is cataloged as CVE-2019-25482. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2019-25488 | Jettweb Rent A Car Scripti 4.0 GET Parameter admin/index.php tur/id/ozellikdil sql injection (Exploit 46614)

Vuldb Updates
1 week 2 days ago
A vulnerability categorized as critical has been discovered in Jettweb Rent A Car Scripti 4.0. Affected by this vulnerability is an unknown functionality of the file admin/index.php of the component GET Parameter Handler. Executing a manipulation of the argument tur/id/ozellikdil can lead to sql injection. This vulnerability is registered as CVE-2019-25488. It is possible to launch the attack remotely. Furthermore, an exploit is available.
vuldb.com

CVE-2019-25508 | Jettweb Hazir Ilan Sitesi Scripti 2.0 katgetir.php kat sql injection (Exploit 46606)

Vuldb Updates
1 week 2 days ago
A vulnerability identified as critical has been detected in Jettweb Hazir Ilan Sitesi Scripti 2.0. Affected by this issue is some unknown functionality of the file katgetir.php. The manipulation of the argument kat leads to sql injection. This vulnerability is documented as CVE-2019-25508. The attack can be initiated remotely. Additionally, an exploit exists.
vuldb.com

Managed ad