Security
CVE Feed
Latest vulnerabilities from the National Vulnerability Database.
13055
Total
867
Critical
3775
High
4128
Medium
| CVE ID | Severity | Score | Description | Published |
|---|---|---|---|---|
| CVE-2025-15441 | MEDIUM | 6.8 | The Form Maker by 10Web WordPress plugin before 1.15.38 does not properly prepare SQL queries when the "MySQL Mapping" feature is in use, which could … | Apr 13, 2026 |
| CVE-2026-6165 | HIGH | 7.3 | A weakness has been identified in code-projects Vehicle Showroom Management System 1.0. This vulnerability affects unknown code of the file /util/Login_check.php. Executing a manipulation of … | Apr 13, 2026 |
| CVE-2026-6164 | HIGH | 7.3 | A security flaw has been discovered in code-projects Lost and Found Thing Management 1.0. This affects an unknown part of the file /addcat.php. Performing a … | Apr 13, 2026 |
| CVE-2026-6163 | HIGH | 7.3 | A vulnerability was identified in code-projects Lost and Found Thing Management 1.0. Affected by this issue is some unknown functionality of the file /catageory.php. Such … | Apr 13, 2026 |
| CVE-2026-40447 | MEDIUM | 5.1 | Integer overflow or wraparound vulnerability in Samsung Open Source Escargot allows undefined behavior.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | Apr 13, 2026 |
| CVE-2026-21014 | UNKNOWN | — | Improper access control in Samsung Camera prior to version 16.5.00.28 allows local attacker to access location data. User interaction is required for triggering this vulnerability. | Apr 13, 2026 |
| CVE-2026-21013 | UNKNOWN | — | Incorrect default permission in Galaxy Wearable prior to version 2.2.68.26 allows local attackers to access sensitive information. | Apr 13, 2026 |
| CVE-2026-21012 | LOW | 3.3 | External control of file name in AODManager prior to SMR Apr-2026 Release 1 allows privileged local attacker to create file with system privilege. | Apr 13, 2026 |
| CVE-2026-21011 | MEDIUM | 6.8 | Incorrect privilege assignment in Bluetooth in Maintenance mode prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Extend Unlock. | Apr 13, 2026 |
| CVE-2026-21010 | MEDIUM | 6.6 | Improper input validation in Retail Mode prior to SMR Apr-2026 Release 1 allows local attackers to trigger privileged functions. | Apr 13, 2026 |
| CVE-2026-21009 | UNKNOWN | — | Improper check for exceptional conditions in Recents prior to SMR Apr-2026 Release 1 allows physical attacker to bypass App Pinning. | Apr 13, 2026 |
| CVE-2026-21008 | MEDIUM | 6.5 | Exposure of sensitive information in S Share prior to SMR Apr-2026 Release 1 allows adjacent attacker to access sensitive information. | Apr 13, 2026 |
| CVE-2026-21007 | MEDIUM | 6.8 | Improper check for exceptional conditions in Device Care prior to SMR Apr-2026 Release 1 allows physical attackers to bypass Knox Guard. | Apr 13, 2026 |
| CVE-2026-21006 | LOW | 2.4 | Improper access control in Samsung DeX prior to SMR Apr-2026 Release 1 allows physical attackers to access to hidden notification contents. | Apr 13, 2026 |
| CVE-2026-6162 | LOW | 3.5 | A vulnerability has been found in PHPGurukul Company Visitor Management System 2.0. This impacts an unknown function of the file /bwdates-reports-details.php. The manipulation of the … | Apr 13, 2026 |
| CVE-2026-6161 | HIGH | 7.3 | A vulnerability was determined in code-projects Simple ChatBox up to 1.0. This affects an unknown part of the file /chatbox/insert.php of the component Endpoint. Executing … | Apr 13, 2026 |
| CVE-2026-6160 | MEDIUM | 5.3 | A vulnerability was found in code-projects Simple ChatBox 1.0. Affected by this issue is the function SimpleChatbox_PHP of the file chatbox.sql of the component Endpoint. … | Apr 13, 2026 |
| CVE-2026-6159 | MEDIUM | 4.3 | A vulnerability has been found in code-projects Simple ChatBox up to 1.0. Affected by this vulnerability is an unknown functionality of the file /chatbox/insert.php of … | Apr 13, 2026 |
| CVE-2026-6158 | HIGH | 7.3 | A flaw has been found in Totolink N300RH 6.1c.1353_B20190305. Affected is the function setUpgradeUboot of the file upgrade.so. This manipulation of the argument FileName causes … | Apr 13, 2026 |
| CVE-2026-40446 | MEDIUM | 6.9 | Access of resource using incompatible type ('type confusion') vulnerability in Samsung Open Source Escargot allows Pointer Manipulation.This issue affects Escargot: 97e8115ab1110bc502b4b5e4a0c689a71520d335. | Apr 13, 2026 |
| CVE-2026-35553 | MEDIUM | 6.7 | Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer overflow vulnerability. An attacker may execute arbitrary code by modifying certain registry values. | Apr 13, 2026 |
| CVE-2026-34864 | MEDIUM | 6.8 | Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-34863 | MEDIUM | 6.7 | Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-34862 | MEDIUM | 6.3 | Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |
| CVE-2026-34861 | MEDIUM | 6.3 | Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability. | Apr 13, 2026 |