Lucene search
K

38572 matches found

Cvelist
Cvelist
added 2026/04/12 7:15 a.m.32 views

CVE-2026-6121 Tenda F451 httpd WrlclientSet stack-based overflow

A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

9CVSS0.00511EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/12 7:15 a.m.4 views

CVE-2026-6121

A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

9CVSS6.3AI score0.00511EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2026/04/12 7:15 a.m.18 views

CVE-2026-6121

The CVE-2026-6121 entry concerns Tenda F451 1.0.0.7. A flaw in the httpd component, specifically the WrlclientSet function in /goform/WrlclientSet, allows a stack-based buffer overflow triggered by manipulating the GO argument. This vulnerability enables remote access with no user interaction req...

9CVSS7.9AI score0.00511EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/04/12 6:30 a.m.5 views

EUVD-2026-21718

A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public a...

9CVSS8AI score0.00673EPSS
Exploits0References6
Snyk
Snyk
added 2026/04/12 3:30 a.m.8 views

Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

Overview metagpt is a The Multi-Agent Framework Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component 'Injection' via the generatethoughts function in the Tree-of-Thought Solver component. An attacker can execute...

9.8CVSS7.8AI score0.00409EPSS
Exploits1References2
Rockylinux
Rockylinux
added 2026/04/12 12:0 a.m.4 views

thunderbird security update

An update is available for thunderbird. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list Mozilla Thunderbird is a standalone mail and newsgroup client. Security...

10CVSS7.3AI score0.00773EPSS
Exploits0
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.5 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version has a vulnerability related to operating system command injection. This vulnerability stems from an improper handling of the ttyEnable parameter in the...

10CVSS7.3AI score0.01803EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.5 views

PT-2026-32154

A flaw has been found in Tenda F451 1.0.0.7. Affected by this vulnerability is the function WrlclientSet of the file /goform/WrlclientSet of the component httpd. This manipulation of the argument GO causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been...

9CVSS7.9AI score0.00511EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/04/12 12:0 a.m.5 views

PT-2026-32156

A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has...

9CVSS7.8AI score0.00518EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.5 views

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the improper handling of the parameter entrys in the fromAddressNat function within the httpd component, potentially leadin...

9CVSS7.7AI score0.00518EPSS
Exploits0References6
OSV
OSV
added 2026/04/11 7:4 p.m.3 views

SUSE-SU-2026:1273-1 Security update for MozillaFirefox

This update for MozillaFirefox fixes the following issues: - Update to 149.0.2 and 140.9.1esr bsc1261663. - CVE-2026-5731: Memory safety bugs fixed in Firefox ESR 115.34.1, Firefox ESR 140.9.1, Thunderbird ESR 140.9.1, Firefox 149.0.2 and Thunderbird 149.0.2. - CVE-2026-5732: Incorrect boundary...

9.8CVSS5.8AI score0.0035EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/11 3:30 p.m.2 views

EUVD-2026-21678

Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.0.0-6.0.2 have been discovered...

5.8AI score0.00248EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/11 12:52 p.m.3 views

CVE-2026-23900 Extension - phoca.cz - Stored XSS vectors in Phoca Maps component 5.0.0 - 6.0.2 for Joomla

Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.0.0-6.0.2 have been discovered...

5.8AI score0.00248EPSS
Exploits0References1
Veracode
Veracode
added 2026/04/11 5:8 a.m.5 views

Improper Output Handling

Apache Log4j Core is vulnerable to Improper Output Handling. The vulnerability is due to XmlLayout failing to sanitize characters forbidden by the XML 1.0 specification, allowing log messages or MDC values to produce malformed XML or trigger exceptions during logging, which can lead to dropped or...

7.5CVSS5.8AI score0.0086EPSS
Exploits0References7Affected Software1
Microsoft CVE
Microsoft CVE
added 2026/04/11 12:31 a.m.2 views

Chromium: CVE-2026-5910 Integer overflow in Media

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.00195EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2026/04/11 12:31 a.m.3 views

Chromium: CVE-2026-5879 Insufficient validation of untrusted input in ANGLE

This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...

8.8CVSS5.8AI score0.00303EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/04/11 12:0 a.m.6 views

PT-2026-32097

Various stored XSS vulnerabilities in the maps- and icon rendering logic in Phoca Maps component 5.0.0-6.0.2 have been discovered...

5.8AI score0.00248EPSS
Exploits0References2
Snyk
Snyk
added 2026/04/10 5:8 p.m.6 views

Improper Encoding or Escaping of Output

Overview Affected versions of this package are vulnerable to Improper Encoding or Escaping of Output in the XMLLayout component. An attacker can cause log records to be silently dropped or fail to be indexed by injecting XML 1.0 forbidden characters into logged data, which results in invalid XML...

6.3CVSS5.8AI score0.00499EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/04/10 6:57 a.m.4 views

CVE-2026-5919

An insufficient validation of untrusted input flaw was found in the WebSockets component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=483423893...

7.7CVSS5.7AI score0.0019EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/10 6:57 a.m.4 views

CVE-2026-5918

An inappropriate implementation flaw was found in the Navigation component of the Chromium browser. Upstream bugs: https://code.google.com/p/chromium/issues/detail?id=490139441...

5.9CVSS5.7AI score0.00158EPSS
Exploits0References5
Rows per page
Query Builder