NuytsTech Security - Worldwide Cybersecurity Vulnerabilities

NuytsTech Security

27/01/2026

CVE-2026-1477

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Id_usuario’ and ‘Id_evaluacion’ in ‘/evaluacion_competencias_evalua_old.aspx’, could...

27/01/2026

CVE-2026-1476

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Id_usuario’ in ‘/evaluacion_acciones_ver_auto.aspx’, could allow an...

27/01/2026

CVE-2026-1475

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Id_usuario’ in ‘/evaluacion_acciones_evalua.aspx’, could allow an...

27/01/2026

CVE-2026-1474

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Id_usuario’ and ‘Id_evaluacion’ en ‘/evaluacion_inicio.aspx’, could...

27/01/2026

CVE-2026-1473

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘Id_usuario’ in ‘/evaluacion_competencias_evalua.aspx’, could allow an...

27/01/2026

CVE-2026-1472

An out-of-band SQL injection vulnerability (OOB SQLi) has been detected in the Performance Evaluation (EDD) application developed by Gabinete Técnico de Programación. Exploiting this vulnerability in the parameter ‘txAny’ in ‘/evaluacion_competencias_autoeval_list.aspx’, could allow an...

27/01/2026

CVE-2026-0705

Local privilege escalation due to insecure folder permissions. The following products are affected: Acronis Cloud Manager (Windows) before build 6.4.25342.354. More information : https://security-advisory.acronis.com/advisories/SEC-7316

27/01/2026

CVE-2026-24875

Integer Overflow or Wraparound vulnerability in yoyofr modizer.This issue affects modizer: before 4.1.1. More information : https://github.com/yoyofr/modizer/pull/133

27/01/2026

CVE-2026-24874

Access of Resource Using Incompatible Type (‘Type Confusion’) vulnerability in themrdemonized xray-monolith.This issue affects xray-monolith: before 2025.12.30. More information : https://github.com/themrdemonized/xray-monolith/pull/399

27/01/2026

CVE-2026-24873

Out-of-bounds Read vulnerability in Rinnegatamante lpp-vita.This issue affects lpp-vita: before lpp-vita r6. More information : https://github.com/Rinnegatamante/lpp-vita/pull/82

27/01/2026

CVE-2026-24872

improper pointer arithmetic vulnerability in ProjectSkyfire SkyFire_548.This issue affects SkyFire_548: before 5.4.8-stable5. More information : https://github.com/cadaver/turso3d/pull/11

27/01/2026

CVE-2026-24871

Improper Control of Generation of Code (‘Code Injection’) vulnerability in pilgrimage233 Minecraft-Rcon-Manage.This issue affects Minecraft-Rcon-Manage: before 3.0. More information : https://github.com/pilgrimage233/Minecraft-Rcon-Manage/pull/13

27/01/2026

CVE-2026-24870

Exposure of Sensitive Information to an Unauthorized Actor vulnerability in ixray-team ixray-1.6-stcop.This issue affects ixray-1.6-stcop: before 1.3. More information : https://github.com/ixray-team/ixray-1.6-stcop/pull/258

27/01/2026

CVE-2026-24869

Use-after-free in the Layout: Scrolling and Overflow component. This vulnerability affects Firefox < 147.0.2. More information : https://bugzilla.mozilla.org/show_bug.cgi?id=2008698