CVE Vulnerability Catalog
Translated CVE descriptions from NVD NIST — in English
CISA KEV catalog updated: (v2026.07.07)
In the Linux kernel, the AVX2 implementation for netfilter pipapo sets has a bug that returns non-matching entries on expiry. The issue occurs when AVX2 match functions prematurely stop processing the last field, leaving stale bits in the map, leading to false element clash reports.
W jądrze systemu Linux zidentyfikowano podatność, która prowadzi do dostępu poza granice tablicy dev->_tx[], gdy trace->type.bit6 jest ustawione, a is_input jest prawdziwe. Problem ten występuje, gdy urządzenie wejściowe ma więcej kolejek RX niż urządzenie wyjściowe TX.
Missing invocation of the session ID change method after session binding in Apache Wicket can be exploited for a session fixation attack.
Heap-based buffer overflow vulnerability in the mod_proxy_ajp module of Apache HTTP Server. If mod_proxy_ajp connects to a malicious AJP server, this AJP server can send a malicious AJP message back to mod_proxy_ajp and cause it to write 4 attacker-controlled bytes after the end of a heap-based buffer.
In CoreDNS prior to version 1.14.3, the gRPC, QUIC, DoH, and DoH3 transport implementations incorrectly handle TSIG authentication. For gRPC and QUIC, the server checks the TSIG key name but never validates the HMAC, allowing authentication with any MAC. For DoH and DoH3, the server never inspects the TSIG record at all, treating any request with a TSIG record as authenticated.
Masa CMS is an open source content management system that, in versions 7.2.0 through 7.2.9, 7.3.0 through 7.3.14, 7.4.0 through 7.4.9, and 7.5.0 through 7.5.2, has a vulnerability in the unauthenticated JSON API. The altTable parameter is stored without validation, allowing an attacker to inject arbitrary SQL subqueries, enabling access to sensitive data in the database.
Masa CMS has a SQL injection vulnerability in the beanFeed.cfc component in versions 7.2.0-7.2.9, 7.3.0-7.3.14, 7.4.0-7.4.9, and 7.5.0-7.5.2. The sortDirection parameter is concatenated directly into SQL queries without sanitization, allowing attackers to remotely extract sensitive information or modify data.
Masa CMS is an open source content management system. In versions 7.5.2 and earlier, a SQL injection vulnerability exists in the beanFeed.cfc component within the getQuery function's processing of the sortBy parameter. The application fails to properly sanitize this input, allowing an unauthenticated remote attacker to execute arbitrary SQL commands.
PhpSpreadsheet is a library for reading and writing spreadsheet files. In versions 1.30.2 and earlier, 2.0.0 through 2.1.14, 2.2.0 through 2.4.3, 3.3.0 through 3.10.3, and 4.0.0 through 5.5.0, an attacker can supply a PHP stream wrapper path, which can lead to remote code execution.
A vulnerability has been detected in D-Link DI-8100 version 16.07.26A1, affecting the url_rule_asp function in the /url_rule.asp file of the POST Parameter Handler component. Manipulation of this function leads to buffer overflow.
Kestra v1.3.3 and earlier is vulnerable to SQL Injection. The vulnerability occurs because user-controlled input from a GET parameter is directly concatenated into an SQL query without proper sanitization or parameterization.
In OpenCTI, versions 6.6.0 through 6.9.12, there is a privilege escalation vulnerability that can be exploited by unauthenticated attackers to query the API as any existing user, including the default admin account.
A weakness has been identified in D-Link DI-8100 version 16.07.26A1, affecting the sprintf function in the /auto_reboot.asp file of the HTTP Handler component. Manipulation of the enable/time argument leads to buffer overflow, allowing for remote attack initiation.
ERPNext v15.103.1 and earlier is vulnerable to Server-Side Template Injection (SSTI). An attacker with permission to create or edit email templates can inject template expressions that are executed on the server when the template is rendered.
OpenCMS v20 and before is vulnerable to XML External Entity (XXE) in the Admin Import DB feature due to insecure XML parsing of user supplied .zip files containing a manifest.xml.
In Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauthenticated remote attacker to perform a path traversal attack. An attacker can supply a maliciously crafted fileName parameter during a file upload operation, allowing arbitrary files to be written to any location on the host filesystem.
W jądrze systemu Linux zidentyfikowano podatność związana z odczytem poza granicami (OOB) w dentry_hashtable, gdy użytkownik ustawia 'dhash_entries=1'. Problem ten prowadzi do błędu strony w trybie jądra, co może skutkować nieprzewidzianym dostępem do pamięci.
A vulnerability in the Linux kernel related to the ext4 filesystem has been resolved, concerning the handling of wraparound when searching for blocks for indirect mapped files. A code change restricts block allocation to numbers fitting within 32-bit block numbers.
A vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24 affecting the function get_csrf_whites in the file /cgi/advanced/misc_main.cgi. Manipulation of this function leads to stack-based buffer overflow.
An unauthenticated OS command injection vulnerability exists in the GoAhead web server on MeiG Smart FORGE_SLT711 devices (firmware MDM9607.LE.1.0-00110-STD.PROD-1). The attack is possible via the /action/SetRemoteAccessCfg endpoint.

