EUVD-2026-17613

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...

CVE-2026-5211

The CVE-2026-5211 entry concerns multiple D-Link NAS models (DNS-120, DNS-315L, DNS-320/320L/320LW/321, DNS-727 etc., including DNS-1550-04) with a vulnerability in UPnP_AV_Server_Path_Del within /cgi-bin/app_mgr.cgi. The flaw arises from manipulating the f_dir argument, causing a stack-based buf...

CVE-2026-5211 D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Del stack-based overflow

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...

CVE-2026-5211

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This vulnerability affects the function...

CVE-2026-4214

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

EUVD-2026-12279

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

CVE-2026-4205

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

CVE-2026-4214 D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

CVE-2026-4214

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

CVE-2026-4214 D-Link DNS-1550-04 app_mgr.cgi UPnP_AV_Server_Path_Setting stack-based overflow

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This issue affects the function...

CVE-2026-4214

CVE-2026-4214 affects a range of D-Link NAS/Network devices (DNS-120 and many DNS/DNR models) with a flaw in UPnP_AV_Server_Path_Setting (/cgi-bin/app_mgr.cgi) that can cause a stack-based buffer overflow. The issue can be triggered remotely and an exploit has been published. The connected source...

CVE-2026-4205 D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

CVE-2026-4205 D-Link DNS-1550-04 app_mgr.cgi FTP_Server_BlockIP_Del command injection

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function...

CVE-2026-1464

Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...

CVE-2026-1464

Integer Overflow or Wraparound vulnerability in MuntashirAkon AppManager app/src/main/java/org/apache/commons/compress/archivers/tar modules. This vulnerability is associated with program files TarUtils.Java. This issue affects AppManager: before 4.0.4...

App Manager security vulnerability

App Manager is an Android package manager and viewer developed by Muntashir Al-Islam as a personal project. Versions of App Manager prior to 4.0.4 contained security vulnerabilities, which were caused by integer overflows or circular errors in the TarUtils.Java files...

Security Bulletin: IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager could provide weaker than expected security for TLS connections.

Summary A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application ManagerCVE-2025-33142 Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affecte...

CVE-2025-1142 IBM Edge Application Manager server-side request forgery

IBM Edge Application Manager 4.5 is vulnerable to server-side request forgery SSRF. This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks...

Liferay Portal 7.4.x < 7.4.3.132 Cross-Site Scripting

Liferay Portal versions 7.4.x prior to 7.4.3.132 and DXP versions prior to 2024.Q1.13 or 2024.Q2 prior to 2024.Q4.6 are affected by a Cross-Site Scripting allowing an remote non-authenticated attacker to inject JavaScript into the modules/apps/marketplace/marketplace-app-manager-web. No source da...

Cross-site Scripting (XSS)

com.liferay:com.liferay.marketplace.app.manager.web is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper input sanitization due to failure to properly escape user-supplied input in the Marketplace App Manager Web module, allowing injection of JavaScript by unauthenticat...