CVE ID :CVE-2026-33293 Published : March 22, 2026, 5:17 p.m. | 6 hours, 46 minutes ago Description :WWBN AVideo is an open source video platform. Prior to version 26.0, the `deleteDump` parameter in `plugin/CloneSite/cloneServer.json.php`…
CVE-2026-4553 – Tenda F453 Parameters Natlimit fromNatlimit stack-based overflow
CVE ID :CVE-2026-4553 Published : March 22, 2026, 4:16 p.m. | 7 hours, 47 minutes ago Description :A vulnerability was identified in Tenda F453 1.0.0.3. Impacted is the function fromNatlimit of the file /goform/Natlimit…
CVE-2026-4529 – D-Link DHP-1320 SOAP redirect_count_down_page stack-based overflow
CVE ID :CVE-2026-4529 Published : March 21, 2026, 11:16 p.m. | 59 minutes ago Description :A vulnerability was identified in D-Link DHP-1320 1.00WWB04. This affects the function redirect_count_down_page of the component SOAP Handler….
CVE-2026-3629 – Import and export users and customers <= 1.29.7 – Privilege Escalation to Administrator via save_extra_user_profile_fields
CVE ID :CVE-2026-3629 Published : March 21, 2026, 11:16 p.m. | 59 minutes ago Description :The Import and export users and customers plugin for WordPress is vulnerable to privilege escalation in all versions…
CVE-2019-25581 – i-doit CMDB 1.12 SQL Injection via objGroupID Parameter
CVE ID :CVE-2019-25581 Published : March 21, 2026, 4:16 p.m. | 8 hours ago Description :i-doit CMDB 1.12 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by…
CVE-2019-25580 – ownDMS 4.7 SQL Injection via pdfstream.php imagestream.php
CVE ID :CVE-2019-25580 Published : March 21, 2026, 4:16 p.m. | 8 hours ago Description :ownDMS 4.7 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting…
CVE-2019-25579 – phpTransformer 2016.9 Directory Traversal via jQueryFileUpload
CVE ID :CVE-2019-25579 Published : March 21, 2026, 4:16 p.m. | 8 hours ago Description :phpTransformer 2016.9 contains a directory traversal vulnerability that allows unauthenticated attackers to access arbitrary files by manipulating the…
CVE-2026-24060 – Automated Logic WebCTRL Premium Server Cleartext Transmission of Sensitive Information
CVE ID :CVE-2026-24060 Published : March 20, 2026, 11:19 p.m. | 57 minutes ago Description :Service information is not encrypted when transmitted as BACnet packets over the wire, and can be sniffed, intercepted,…
CVE-2026-33243 – barebox: FIT Signature Verification Bypass Vulnerability
CVE ID :CVE-2026-33243 Published : March 20, 2026, 11:16 p.m. | 59 minutes ago Description :barebox is a bootloader. In barebox from version 2016.03.0 to before version 2025.09.3 and from version 2025.10.0 to…
CVE-2026-33236 – NLTK has a Downloader Path Traversal Vulnerability (AFO) – Arbitrary File Overwrite
CVE ID :CVE-2026-33236 Published : March 20, 2026, 11:16 p.m. | 59 minutes ago Description :NLTK (Natural Language Toolkit) is a suite of open source Python modules, data sets, and tutorials supporting research…