Common Vulnerabilities and Exposures (CVE)

CVE-2022-37772

Jul 5, 2026 00:08:08 UTC

Maarch RM 2.8.3 solution contains an improper restriction of excessive authentication attempts due to excessive verbose responses from the application. An unauthenticated remote attacker could potentially exploit this vulnerability, leading...

CVE-2022-44194

Jul 5, 2026 00:08:04 UTC

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.

CVE-2022-40842

Jul 5, 2026 00:07:54 UTC

ndk design NdkAdvancedCustomizationFields 3.5.0 is vulnerable to Server-side request forgery (SSRF) via rotateimg.php.

CVE-2021-46114

Jul 5, 2026 00:07:50 UTC

jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail. The admin panel provides a function through which attackers can edit the email templates and inject some malicious code.

CVE-2021-45807

Jul 5, 2026 00:07:45 UTC

jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController::doUploadAndInstall.

CVE-2021-36667

Jul 5, 2026 00:07:41 UTC

Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute arbitrary commands via crafted payload to the local HTTP server due to un-sanitized call to the python os.system library.

CVE-2021-42637

Jul 5, 2026 00:07:37 UTC

PrinterLogic Web Stack versions 19.1.1.13 SP9 and below use user-controlled input to craft a URL, resulting in a Server Side Request Forgery (SSRF) vulnerability.

CVE-2020-35854

Jul 5, 2026 00:07:33 UTC

Textpattern 4.8.4 is affected by cross-site scripting (XSS) in the Body parameter.

CVE-2022-26987

Jul 5, 2026 00:07:28 UTC

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MmtAtePrase` function. Local users could get remote code execution.

CVE-2022-26988

Jul 5, 2026 00:07:24 UTC

TP-Link TL-WDR7660 2.0.30, Mercury D196G 20200109_2.0.4, and Fast FAC1900R 20190827_2.0.2 routers have a stack overflow issue in `MntAte` function. Local users could get remote code execution.

CVE-2021-29046

Jul 5, 2026 00:07:20 UTC

Cross-site scripting (XSS) vulnerability in the Asset module's category selector input field in Liferay Portal 7.3.5 and Liferay DXP 7.3 before fix pack 1, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_...

CVE-2020-27376

Jul 5, 2026 00:07:16 UTC

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 version 1.2.1 is vulnerable to Missing Authentication.

CVE-2021-26787

Jul 5, 2026 00:07:08 UTC

A cross site scripting (XSS) vulnerability in Genesys Workforce Management 8.5.214.20 can occur (during record deletion) via the Time-off parameter.

CVE-2022-23352

Jul 5, 2026 00:06:58 UTC

An issue in BigAnt Software BigAnt Server v5.6.06 can lead to a Denial of Service (DoS).

CVE-2022-26646

Jul 5, 2026 00:06:50 UTC

Online Banking System Protect v1.0 was discovered to contain a local file inclusion (LFI) vulnerability via the pages parameter.