A Qualcomm chipset vulnerability (CVE-2026-21385) causes memory corruption through improper integer handling during memory allocation, enabling local privilege escalation to kernel level. KEV-listed and patched, this vulnerability affects Qualcomm-based mobile devices and embedded systems, potentially impacting billions of Android devices globally.
Tenda AC15 router has a code injection in formsetUsbUnload (EPSS 1.7%) enabling unauthenticated remote code execution.
Tenda AC15 router has a command injection in formSetIptv (EPSS 1.1%) enabling unauthenticated root-level code execution.
Tenda W20E router has a code injection vulnerability in usbPartitionName parameter allowing unauthenticated remote code execution with EPSS 1.1%.
Chamilo LMS prior to 1.11.28 has a code injection through SOAP request parameters enabling remote code execution.
Twenty CRM v1.15.0 has a code injection vulnerability enabling remote attackers to execute arbitrary code through the CRM platform.
Tenda W20E has a ninth buffer overflow in yet another CGI endpoint.
Tenda W20E has an eighth buffer overflow in addDhcpRules parameter.
Tenda W20E has a seventh buffer overflow in gstup parameter handling.
Tenda W20E has a sixth buffer overflow in pPortMapIndex parameter validation.
Tenda W20E has a fifth buffer overflow.
Tenda W20E has a fourth buffer overflow vulnerability.
Tenda W20E has a third buffer overflow in a different CGI parameter.
Tenda W20E has a buffer overflow — second of eight critical vulnerabilities in this router firmware.
Simple Food Order System v1.0 has SQL injection in cancel-order.
Simple Food Order System v1.0 has SQL injection in view-ticket-admin.
Simple Food Order System v1.0 has SQL injection in view-ticket.
Simple Food Order System v1.0 has SQL injection in edit-order.
Simple Gym Management System v1.0 has SQL injection in trainer search.
Pharmacy POS has a fifth SQL injection in view_sales.
Pharmacy POS has a fourth SQL injection in view_reports.
Pharmacy POS has a third SQL injection in view_products.
Pharmacy POS has a second SQL injection in view_categories.
Pharmacy Point of Sale System v1.0 has SQL injection in manage endpoints.
Personnel Property Equipment System has a fourth SQL injection.
Personnel Property Equipment System v1.0 has a third SQL injection.
Personnel Property Equipment System v1.0 has a second SQL injection in a different admin endpoint.
Personnel Property Equipment System v1.0 has SQL injection in admin panel.
Simple Student Alumni System v1.0 has a third SQL injection.
Simple Student Alumni System v1.0 has SQL injection in record_search.php.
Simple Student Alumni System v1.0 has SQL injection in modal_view.php.
Chamilo LMS prior to 1.11.30 has a time-based SQL injection in a different endpoint, providing an additional database extraction vector.
Chamilo LMS prior to 1.11.30 has an error-based SQL injection enabling database extraction.
Chamilo LMS prior to 1.11.30 has a blind SSRF vulnerability enabling internal network reconnaissance from the learning platform.
Remote code execution in Tenda AC15 firmware versions up to 15.13.07.13 via a stack-based buffer overflow in the /goform/TextEditingConversion endpoint allows unauthenticated attackers to achieve complete system compromise. Public exploit code exists for this vulnerability, and no patch is currently available, creating immediate risk for deployed devices. An attacker can exploit this remotely with minimal complexity by manipulating the wpapsk_crypto2_4g parameter.
Chamilo is a learning management system. [CVSS 8.8 HIGH]
Chamilo is a learning management system. Prior to version 1.11.30, an input validation vulnerability exists when importing user data from CSV files. [CVSS 8.8 HIGH]
ZimaOS 1.5.2-beta3 lacks proper path validation in its API, allowing authenticated users to bypass frontend restrictions and write files to protected system directories such as /etc and /usr. Public exploit code exists for this vulnerability, enabling attackers with valid credentials to modify critical OS files and potentially achieve code execution. No patch is currently available.
Chamilo is a learning management system. Prior to version 1.11.30, a Stored XSS vulnerability exists in the glossary function, enabling all users with the Teachers role to inject JavaScript malicious code against the administrator. [CVSS 8.3 HIGH]
Out-of-bounds read in Exiv2's CRW image parser allows remote attackers to cause denial of service and potentially disclose sensitive memory contents through crafted image files. Versions prior to 0.28.8 are affected, and public exploit code exists for this vulnerability. A patch is available that administrators should deploy immediately to prevent exploitation.
Textream prior to version 1.5.1 fails to validate the Origin header during WebSocket handshake, allowing malicious websites to establish unauthorized connections to the local DirectorServer and inject arbitrary commands. An attacker can exploit this from a browser to gain full remote control of teleprompter content without user interaction beyond visiting a compromised page. Public exploit code exists for this vulnerability; updating to version 1.5.1 or later resolves the issue.
An issue was discovered in /goform/WifiWpsStart in Tenda AC6V2.0 V15.03.06.23_multi. The index and mode are controllable. [CVSS 7.5 HIGH]
Chamilo is a learning management system. Chamillo is affected by a post-authentication phar unserialize which leads to a remote code execution (RCE) within versions 1.11.12 to 1.11.26. [CVSS 7.2 HIGH]
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/admin/sub_language_ajax.inc.php via the POST new_language parameter. [CVSS 7.2 HIGH]
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/manage.controller.php. [CVSS 7.2 HIGH]
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /main/cron/lang/check_parse_lang.php. [CVSS 7.2 HIGH]
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS command Injection vulnerability in /plugin/vchamilo/views/import.php with the POST to_main_database parameter. [CVSS 7.2 HIGH]
Chamilo is a learning management system. Prior to version 1.11.30, there is an OS Command Injection vulnerability in /plugin/vchamilo/views/editinstance.php via the POST main_database parameter. [CVSS 7.2 HIGH]
Arbitrary code execution in Personnel Property Equipment System v1.0 allows authenticated attackers with high privileges to execute malicious code through the admin picture upload functionality. Public exploit code exists for this vulnerability, and no patch is currently available. Attackers can achieve complete compromise of confidentiality, integrity, and availability on affected systems.
Chamilo is a learning management system. [CVSS 7.2 HIGH]