Common Vulnerabilities and Exposures (CVE)

CVE-2022-24992

Jul 4, 2026 23:43:21 UTC

A vulnerability in the component process.php of QR Code Generator v5.2.7 allows attackers to perform directory traversal.

CVE-2022-31384

Jul 4, 2026 23:43:17 UTC

Directory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php.

CVE-2021-45420

Jul 4, 2026 23:43:13 UTC

Emerson Dixell XWEB-500 products are affected by arbitrary file write vulnerability in /cgi-bin/logo_extra_upload.cgi, /cgi-bin/cal_save.cgi, and /cgi-bin/lo_utils.cgi. An attacker will be able to write any file on the target system without...

CVE-2020-21818

Jul 4, 2026 23:43:08 UTC

A heap based buffer overflow vulnerability exists in GNU LibreDWG 0.10.2641 via htmlescape ../../programs/escape.c:48.

CVE-2021-42216

Jul 4, 2026 23:43:04 UTC

A Broken or Risky Cryptographic Algorithm exists in AnonAddy 0.8.5 via VerificationController.php.

CVE-2021-43159

Jul 4, 2026 23:43:00 UTC

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers up to ReyeeOS 1.55.1915 / EW_3.0(1)B11P55 via the setSessionTime function in /cgi-bin/luci/api/common..

CVE-2021-42638

Jul 4, 2026 23:42:56 UTC

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.

CVE-2020-26679

Jul 4, 2026 23:42:51 UTC

vFairs 3.3 is affected by Insecure Permissions. Any user logged in to a vFairs virtual conference or event can modify any other users profile information or profile picture. After receiving any user's unique identification number and their ...

CVE-2022-35192

Jul 4, 2026 23:42:47 UTC

D-Link Wireless AC1200 Dual Band VDSL ADSL Modem Router DSL-3782 Firmware v1.01 allows unauthenticated attackers to cause a Denial of Service (DoS) via the User parameter or Pwd parameter to Login.asp.

CVE-2020-24913

Jul 4, 2026 23:42:43 UTC

A SQL injection vulnerability in qcubed (all versions including 3.1.1) in profile.php via the strQuery parameter allows an unauthenticated attacker to access the database by injecting SQL code via a crafted POST request.

CVE-2021-44087

Jul 4, 2026 23:42:38 UTC

A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.

CVE-2022-30426

Jul 4, 2026 23:42:34 UTC

There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack contro...

CVE-2021-36582

Jul 4, 2026 23:42:30 UTC

In Kooboo CMS 2.1.1.0, it is possible to upload a remote shell (e.g., aspx) to the server and then call upon it to receive a reverse shell from the victim server. The files are uploaded to /Content/Template/root/reverse-shell.aspx and can b...

CVE-2021-34201

Jul 4, 2026 23:42:27 UTC

D-Link DIR-2640-US 1.01B04 is vulnerable to Buffer Overflow. There are multiple out-of-bounds vulnerabilities in some processes of D-Link AC2600(DIR-2640). Local ordinary users can overwrite the global variables in the .bss section, causing...

CVE-2022-37146

Jul 4, 2026 23:42:22 UTC

The PlexTrac platform prior to version 1.28.0 allows for username enumeration via HTTP response times on invalid login attempts for users configured to use the PlexTrac authentication provider. Login attempts for valid, unlocked users confi...