CVE ID :CVE-2015-20120 Published : March 15, 2026, 6:35 p.m. | 5 hours, 30 minutes ago Description :Next Click Ventures RealtyScript 4.0.2 contains multiple time-based blind SQL injection vulnerabilities that allow unauthenticated attackers to…
CVE-2017-20220 – Serviio PRO 1.8 Unauthenticated Password Change via REST API
CVE ID :CVE-2017-20220 Published : March 15, 2026, 6:34 p.m. | 5 hours, 31 minutes ago Description :Serviio PRO 1.8 contains an improper access control vulnerability in the Configuration REST API that allows unauthenticated…
CVE-2017-20218 – Serviio PRO 1.8 Local Privilege Escalation via Unquoted Path
CVE ID :CVE-2017-20218 Published : March 15, 2026, 6:34 p.m. | 5 hours, 31 minutes ago Description :Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users…
CVE-2017-20217 – Serviio PRO 1.8 REST API Information Disclosure
CVE ID :CVE-2017-20217 Published : March 15, 2026, 6:34 p.m. | 5 hours, 31 minutes ago Description :Serviio PRO 1.8 contains an information disclosure vulnerability due to improper access control enforcement in the Configuration…
CVE-2016-20034 – Wowza Streaming Engine 4.5.0 Privilege Escalation via user edit
CVE ID :CVE-2016-20034 Published : March 15, 2026, 6:34 p.m. | 5 hours, 31 minutes ago Description :Wowza Streaming Engine 4.5.0 contains a privilege escalation vulnerability that allows authenticated read-only users to elevate privileges…
CVE-2026-32729 – Runtipi has a TOTP two-factor authentication bypass via unrestricted brute-force on `/api/auth/verify-totp`
CVE ID :CVE-2026-32729 Published : March 13, 2026, 9:41 p.m. | 2 hours, 21 minutes ago Description :Runtipi is a personal homeserver orchestrator. Prior to 4.8.1, The Runtipi /api/auth/verify-totp endpoint does not enforce any…
CVE-2026-3227 – Authenticated Command Injection on TP-Link TL-WR802N, TL-WR841N and TL-WR840N
CVE ID :CVE-2026-3227 Published : March 13, 2026, 9:38 p.m. | 2 hours, 24 minutes ago Description :A command injection vulnerability was identified in TP-Link TL-WR802N v4, TL-WR841N v14, and TL-WR840N v6 due to…
CVE-2026-32616 – Pigeon has a Host Header Injection in email verification flow
CVE ID :CVE-2026-32616 Published : March 13, 2026, 9:12 p.m. | 2 hours, 50 minutes ago Description :Pigeon is a message board/notepad/social system/blog. Prior to 1.0.201, the application uses $_SERVER[‘HTTP_HOST’] without validation to construct…
CVE-2026-32627 – cpp-httplib has a Silent TLS Certificate Verification Bypass on HTTPS Redirect via Proxy
CVE ID :CVE-2026-32627 Published : March 13, 2026, 8:48 p.m. | 3 hours, 14 minutes ago Description :cpp-httplib is a C++11 single-file header-only cross platform HTTP/HTTPS library. Prior to 0.37.2, when a cpp-httplib client…
CVE-2025-15060 – claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability
CVE ID :CVE-2025-15060 Published : March 13, 2026, 8:43 p.m. | 3 hours, 19 minutes ago Description :claude-hovercraft executeClaudeCode Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code…