github
diff --git a/‎advisories/unreviewed/2026/02/GHSA-2jrm-m9vw-3rc4/GHSA-2jrm-m9vw-3rc4.json‎
Lines changed: 52 additions & 0 deletions b/‎advisories/unreviewed/2026/02/GHSA-2jrm-m9vw-3rc4/GHSA-2jrm-m9vw-3rc4.json‎
Lines changed: 52 additions & 0 deletions
diff --git a/‎advisories/unreviewed/2026/02/GHSA-3757-h5gm-6pj5/GHSA-3757-h5gm-6pj5.json‎
Lines changed: 52 additions & 0 deletions b/‎advisories/unreviewed/2026/02/GHSA-3757-h5gm-6pj5/GHSA-3757-h5gm-6pj5.json‎
Lines changed: 52 additions & 0 deletions
diff --git a/‎advisories/unreviewed/2026/02/GHSA-3hx2-rfg2-h3hp/GHSA-3hx2-rfg2-h3hp.json‎
Lines changed: 56 additions & 0 deletions b/‎advisories/unreviewed/2026/02/GHSA-3hx2-rfg2-h3hp/GHSA-3hx2-rfg2-h3hp.json‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎advisories/unreviewed/2026/02/GHSA-56wx-xhr6-q6v2/GHSA-56wx-xhr6-q6v2.json‎
Lines changed: 56 additions & 0 deletions b/‎advisories/unreviewed/2026/02/GHSA-56wx-xhr6-q6v2/GHSA-56wx-xhr6-q6v2.json‎
Lines changed: 56 additions & 0 deletions
diff --git a/‎advisories/unreviewed/2026/02/GHSA-684h-gqgj-c42j/GHSA-684h-gqgj-c42j.json‎
Lines changed: 52 additions & 0 deletions b/‎advisories/unreviewed/2026/02/GHSA-684h-gqgj-c42j/GHSA-684h-gqgj-c42j.json‎
Lines changed: 52 additions & 0 deletions
diff --git a/‎advisories/unreviewed/2026/02/GHSA-76cj-j4cw-vf9p/GHSA-76cj-j4cw-vf9p.json‎
Lines changed: 56 additions & 0 deletions b/‎advisories/unreviewed/2026/02/GHSA-76cj-j4cw-vf9p/GHSA-76cj-j4cw-vf9p.json‎
Lines changed: 56 additions & 0 deletions
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-2jrm-m9vw-3rc4",
+  "modified": "2026-02-08T21:30:19Z",
+  "published": "2026-02-08T21:30:19Z",
+  "aliases": [
+    "CVE-2026-2183"
+  ],
+  "details": "A security vulnerability has been detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This affects an unknown part of the file /restructured/csv.php. The manipulation leads to unrestricted upload. Remote exploitation of the attack is possible. This product follows a rolling release approach for continuous delivery, so version details for affected or updated releases are not provided. The code repository of the project has not been active for many years.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2183"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/lakshayyverma/CVE-Discovery/blob/main/Certificate.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.344886"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.344886"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.749713"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-284"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-08T20:15:51Z"
+  }
+}
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3757-h5gm-6pj5",
+  "modified": "2026-02-08T21:30:18Z",
+  "published": "2026-02-08T21:30:18Z",
+  "aliases": [
+    "CVE-2026-2173"
+  ],
+  "details": "A vulnerability was identified in code-projects Online Examination System 1.0. Affected by this issue is some unknown functionality of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2173"
+    },
+    {
+      "type": "WEB",
+      "url": "https://code-projects.org"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.344874"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.344874"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.749255"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-08T19:16:21Z"
+  }
+}
@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-3hx2-rfg2-h3hp",
+  "modified": "2026-02-08T21:30:18Z",
+  "published": "2026-02-08T21:30:18Z",
+  "aliases": [
+    "CVE-2026-2180"
+  ],
+  "details": "A vulnerability was identified in Tenda RX3 16.03.13.11. Affected is an unknown function of the file /goform/fast_setting_wifi_set. Such manipulation of the argument ssid_5g leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2180"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/LX-66-LX/cve-new/issues/4"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.344883"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.344883"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.749703"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.tenda.com.cn"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-119"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-08T20:15:51Z"
+  }
+}
@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-56wx-xhr6-q6v2",
+  "modified": "2026-02-08T21:30:19Z",
+  "published": "2026-02-08T21:30:19Z",
+  "aliases": [
+    "CVE-2026-2186"
+  ],
+  "details": "A vulnerability has been found in Tenda RX3 16.03.13.11. Impacted is the function fromSetIpMacBind of the file /goform/SetIpMacBind. Such manipulation of the argument list leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has been disclosed to the public and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2186"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/LX-66-LX/cve-new/issues/7"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.344889"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.344889"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.749718"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.tenda.com.cn"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-119"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-08T21:15:48Z"
+  }
+}
@@ -0,0 +1,52 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-684h-gqgj-c42j",
+  "modified": "2026-02-08T21:30:17Z",
+  "published": "2026-02-08T21:30:17Z",
+  "aliases": [
+    "CVE-2026-2172"
+  ],
+  "details": "A vulnerability was determined in code-projects Online Application System for Admission 1.0. Affected by this vulnerability is an unknown functionality of the file enrollment/index.php of the component Login Endpoint. Executing a manipulation can lead to sql injection. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2172"
+    },
+    {
+      "type": "WEB",
+      "url": "https://code-projects.org"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.344873"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.344873"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.749253"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-74"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-08T19:16:21Z"
+  }
+}
@@ -0,0 +1,56 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-76cj-j4cw-vf9p",
+  "modified": "2026-02-08T21:30:19Z",
+  "published": "2026-02-08T21:30:19Z",
+  "aliases": [
+    "CVE-2026-2185"
+  ],
+  "details": "A flaw has been found in Tenda RX3 16.03.13.11. This issue affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. This manipulation of the argument devName/mac causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been published and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2026-2185"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/LX-66-LX/cve-new/issues/6"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.344888"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.344888"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.749715"
+    },
+    {
+      "type": "WEB",
+      "url": "https://www.tenda.com.cn"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-119"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2026-02-08T21:15:48Z"
+  }
+}