A vulnerability was found in code-projects Online Music Site 1.0 and classified as problematic. This affects an unknown part of the file /Frontend/Feedback.php of the component POST Request Handler. The manipulation of the argument fname/femail/faddress/fmessage results in cross site scripting.
This vulnerability is cataloged as CVE-2026-13567. The attack may be launched remotely. Furthermore, there is an exploit available.
A vulnerability was found in itsourcecode Hospital Management System 1.0. It has been classified as critical. The impacted element is an unknown function of the file /appointment.php. This manipulation of the argument editid causes sql injection.
This vulnerability is handled as CVE-2026-13497. The attack can be initiated remotely. Additionally, an exploit exists.
A vulnerability was found in yashpokharna2555 restaurent-management-system. It has been declared as critical. This affects an unknown function of the file /forgotpassword.php of the component POST Parameter Handler. Such manipulation of the argument email leads to sql injection.
This vulnerability is uniquely identified as CVE-2026-13498. The attack can be launched remotely. Moreover, an exploit is present.
This product does not use versioning. This is why information about affected and unaffected releases are unavailable.
The project was informed of the problem early through an issue report but has not responded yet.
A vulnerability was found in yashpokharna2555 restaurent-management-system. It has been rated as problematic. This impacts an unknown function of the file login_register.php of the component Registration Handler. Performing a manipulation of the argument Username results in cross site scripting.
This vulnerability was named CVE-2026-13499. The attack may be initiated remotely. In addition, an exploit is available.
This product uses a rolling release model to deliver continuous updates. As a result, specific version information for affected or updated releases is not available.
The project was informed of the problem early through an issue report but has not responded yet.
A vulnerability described as problematic has been identified in code-projects Project Management System 1.0. This vulnerability affects unknown code of the file /mail.php of the component Mail Compose Page. Such manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2026-13504. The attack may be performed from remote. In addition, an exploit is available.
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter More Than 4,000 Legacy Routers Compromised by AryStinger, Turned into Global Attack Proxies for Hackers A VBScript campaign distributed through WhatsApp deploying RMM software Lost in relocation: analysis of a new loader distributing CASTLESTEALER […]
A vulnerability classified as critical has been found in Linux Kernel up to 6.1.175/6.6.142/6.12.93/6.18.35/7.0.12. Impacted is the function hugetlb_update_hwpoison of the file hugetlb.c of the component mm. Performing a manipulation results in deadlock.
This vulnerability is known as CVE-2026-53207. Access to the local network is required for this attack. No exploit is available.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as critical, was found in Linux Kernel up to 7.0.12. The affected element is the function min_t of the component drm. Such manipulation leads to out-of-bounds read.
This vulnerability is documented as CVE-2026-53136. The attack requires being on the local network. There is not any exploit available.
You should upgrade the affected component.
A vulnerability was found in Linux Kernel up to 7.0.12. It has been declared as critical. Impacted is the function isert_login_recv_done of the file drivers/infiniband/ulp/isert/ib_isert.c of the component IB. Executing a manipulation of the argument negative can lead to out-of-bounds read.
This vulnerability appears as CVE-2026-53176. The attack may be performed from remote. There is no available exploit.
It is recommended to upgrade the affected component.
A vulnerability, which was classified as critical, has been found in Linux Kernel up to 7.0.12. The impacted element is the function tlv_data_is_valid of the component Bluetooth. The manipulation of the argument length leads to out-of-bounds read.
This vulnerability is uniquely identified as CVE-2026-53255. The attack can only be initiated within the local network. No exploit exists.
It is advisable to upgrade the affected component.