5383 matches found
CVE-2026-34123
On Tapo C520WS v2, restricted accounts (for example, hub users) are intended to execute only a limited set of low‑sensitivity operations. Due to a logic flaw in the device’s API authorization mechanism, an attacker can craft requests that leverage legitimate “method mapping” behavior to bypass...
GHSA-5X67-J5XG-C5GJ Bugsink: DOS using large numbers of event tags
Summary: In affected versions, Bugsink stores every tag supplied with an incoming event. An event with an unusually large number of custom (i.e. attacker-supplied) tags can therefore make ingestion spend more time than intended writing tag rows. Bugsink uses a single-writer database...
CVE-2026-34851
Race condition vulnerability in the event notification module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34850
Race condition vulnerability in the notification service. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34849
UAF vulnerability in the screen management module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-41963
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-40131
A SQL injection vulnerability exists in the @sap/hdi-deploy package, where SQL queries are dynamically constructed using user input without proper parameterization or prepared statements. Successful exploitation could allow high-privileged users to alter the SELECT statements impacting...
CVE-2025-41669
The Web-based Management allows a remote low-privileged Engineer user to install additional APPs on the device downloaded from the PLCnext Store without implementing any data verification mechanism, leading to the capability for an Engineer user to reach arbitrary code execution with root...
CVE-2026-34859
UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...
CVE-2026-34855
Out-of-bounds write vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...
CVE-2026-34864
Boundary-unlimited vulnerability in the application read module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34857
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34866
Out-of-bounds write vulnerability in the WEB module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...
CVE-2026-34862
Race condition vulnerability in the power consumption statistics module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34867
Double free vulnerability in the multi-mode input system. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34858
UAF vulnerability in the communication module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34863
Out-of-bounds write vulnerability in the file system. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34854
UAF vulnerability in the kernel module. Impact: Successful exploitation of this vulnerability will affect availability and confidentiality...
CVE-2026-34861
Race condition vulnerability in the thermal management module. Impact: Successful exploitation of this vulnerability may affect availability...
CVE-2026-34852
Stack overflow vulnerability in the media platform. Impact: Successful exploitation of this vulnerability may affect availability...