Lucene search
K

303 matches found

NVD
NVD
added 2026/05/17 4:16 a.m.12 views

CVE-2026-8728

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogssbidiscoveryoptionparseplmnlist in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be executed...

6.5CVSS0.0039EPSS
Exploits1References6
vulnersOsv
vulnersOsv
added 2026/04/29 12:33 p.m.12 views

RPD:bmc-rpd (=1.1), aendter.jenkins.plugins:filesystem-list-parameter-plugin (>=0.0.1 <=0.0.6) +25551 more potentially affected by CVE-2026-22745 via org.springframework:spring-webmvc (>=1.2.1 <=5.3.4)

org.springframework:spring-webmvc MAVEN version =1.2.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.0, =0.0.12, =0.1.15 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...

5.3CVSS5.7AI score0.00341EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/08 5:0 a.m.6 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

9.8CVSS6.1AI score0.00478EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/07 6:31 p.m.3 views

EUVD-2024-55539

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00478EPSS
Exploits1References5
NVD
NVD
added 2026/04/07 5:16 p.m.3 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

9.8CVSS0.00478EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/04/07 12:0 a.m.3 views

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

6.1AI score0.00478EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/03 12:0 a.m.19 views

CVE-2025-69765

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

0.00738EPSS
Exploits1References2
CNNVD
CNNVD
added 2026/03/03 12:0 a.m.8 views

Tenda Ax3 安全漏洞

The Tenda Ax3 is a Wi-Fi 6 dual-band router with a gigabit port from the Chinese company Tenda. The Tenda Ax3 v16.03.12.11 version contains a security vulnerability. This vulnerability stems from a stack overflow issue in the formGetIptv function and the list parameter, which may lead to memory...

7.5CVSS6.2AI score0.00738EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.4 views

CVE-2025-69765

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

6.3AI score0.00738EPSS
Exploits1References2
CVE
CVE
added 2026/03/03 12:0 a.m.12 views

CVE-2025-69765

CVE-2025-69765 : Tenda AX3 firmware v16.03.12.11 contains a stack overflow in the formGetIptv function and the list parameter, enabling memory corruption and remote code execution. Affected product: Tenda AX3 router. Root cause: stack overflow leading to RCE as described in multiple sources (NVD,...

7.5CVSS6.3AI score0.00738EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/02/19 1:16 p.m.4 views

CVE-2019-25412

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...

6.1CVSS0.0033EPSS
Exploits1References4
NVD
NVD
added 2026/02/16 2:16 a.m.8 views

CVE-2026-2528

A vulnerability was identified in Wavlink WL-WN579A3 up to 20210219. Affected by this vulnerability is the function DeleteMaclist of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist leads to command injection. Remote exploitation of the attack is possible. The exploit i...

9.8CVSS0.06554EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/02/07 7:22 a.m.8 views

CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

7.2CVSS5AI score0.17152EPSS
Exploits1References1
CNNVD
CNNVD
added 2026/02/06 12:0 a.m.6 views

DCN DCME-320 命令注入漏洞

DCN DCME-320 is an Internet exchange gateway router developed by China's DCN Technology Co., Ltd. Versions of DCN DCME-320 prior to 20260121 contained a command injection vulnerability. This vulnerability stemmed from incorrect operations with the parameter iplist in the function applyconfig with...

7.2CVSS5.8AI score0.17152EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/02/06 12:0 a.m.9 views

PT-2026-6684

Name of the Vulnerable Software and Affected Versions DCN DCME-320 versions up to 20260121 Description A flaw exists in the Web Management Backend component of DCN DCME-320. Specifically, manipulating the ip list argument within the apply config function of the /function/system/basic/bridge cfg.p...

5.8CVSS5.4AI score0.17152EPSS
Exploits1References7
RedhatCVE
RedhatCVE
added 2026/01/22 12:20 a.m.9 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6AI score0.00822EPSS
Exploits1References1
OSV
OSV
added 2026/01/21 6:16 p.m.4 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6.3AI score0.00822EPSS
Exploits1References2
Cvelist
Cvelist
added 2026/01/21 12:0 a.m.14 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

0.00822EPSS
Exploits1References2
CVE
CVE
added 2026/01/21 12:0 a.m.14 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 is affected by a stack overflow in the formSetIptv handler triggered via the list parameter. This flaw can lead to memory corruption and remote code execution. The affected component is the formSetIptv stack in the device’s firmware, and the root cause is a stack o...

9.8CVSS6.2AI score0.00822EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/01/21 12:0 a.m.2 views

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

9.8CVSS6AI score0.00822EPSS
Exploits1References3
Rows per page
Query Builder