Lucene search
K

3921 matches found

Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-48209

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 12:0 a.m.15 views

CVE-2026-36791

The CVE-2026-36791 entry affects Shenzhen Tenda Technology Co., Ltd. Tenda O3v3 v1.0.0.5, where a stack overflow in the save_list_data parameter of the formSetCfm function could allow a crafted HTTP request to cause a Denial of Service. Affected component: the save_list_data handling within formS...

7.5CVSS5.6AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-48201

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the gotoUrl parameter of the formPortalAuth function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.9 views

CVE-2026-36798

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple stack overflows in the formSetDebugCfgr function via the enable, level, and module parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.5AI score0.00301EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-48185

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain a stack overflow in the wl radio parameter of the formWifiRadioSet function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.6AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48182

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain a stack overflow in the domain parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.6AI score0.00397EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 12:0 a.m.18 views

CVE-2026-36802

CVE-2026-36802 affects Shenzhen Tenda Technology Co. PW201A v1.0.5. The issue is a buffer overflow in the page parameter of the SafeMacFilter function, enabling a crafted HTTP request to trigger a Denial of Service. All connected sources (RH Red Hat, NVD, CVE listings, CVE pages, and vuln enrichm...

7.5CVSS5.9AI score0.00309EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 12:0 a.m.20 views

CVE-2026-36820

CVE-2026-36820 affects Shenzhen Tenda Technology Co., Ltd. Tenda W20E v15.11.0.6. A buffer overflow in the webAuthWhiteUserInfo parameter of the formAddWebAuthWhiteUser function is described, enabling a crafted HTTP request to trigger a Denial of Service (DoS). No exploitation details, affected v...

7.5CVSS5.9AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/08 6:31 p.m.13 views

EUVD-2026-35118

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS5.6AI score0.00415EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/08 6:26 p.m.9 views

CVE-2026-10786

Improper access control in the ticketing integration settings in Devolutions Server allows an authenticated low-privileged user to obtain cleartext credentials for configured ticketing integrations via a crafted API request. This issue affects : Devolutions Server 2026.2.4.0 Devolutions Server...

5.5AI score0.00148EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 4:16 p.m.12 views

CVE-2026-36786

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the list1 parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS0.00415EPSS
Exploits0References1
NVD
NVD
added 2026/06/05 9:16 p.m.15 views

CVE-2026-36785

Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9 was discovered to contain a stack overflow in the page parameter of the fromDhcpListClient function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS0.00357EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/06/05 7:51 p.m.11 views

CVE-2025-70950

An issue in gohttp commit 34ea51 allows attackers to execute a directory traversal via supplying a crafted request...

7.3CVSS7.9AI score0.00523EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:42 p.m.9 views

CVE-2026-35904

Incorrect access control in the web management interface of T3 Technology CPE models T625Pro v1.0.07, T6825G v1.0.03, and T7281 v1.0.03 allows unauthorized attackers to enable the Telnet service via sending a crafted request to a vulnerable CGI component...

9.8CVSS5.5AI score0.00547EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-5794

A vulnerability affecting the detailed versions of Cryptobox allows a legitimate user to prevent another to login by triggering an account lockout via sending a specially crafted request...

7.1CVSS5.5AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.12 views

CVE-2026-5163

Mattermost versions 11.5.x = 11.5.1 fail to verify channel membership when processing AI-assisted message rewrites which allows an authenticated attacker to read the content of threads in private channels and direct messages they do not have access to via a crafted request to the post rewrite...

6.5CVSS5.5AI score0.00205EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:28 p.m.10 views

CVE-2026-4410

IBM WebSphere Application Server - Liberty 19.0.0.7 through 26.0.0.5 and IBM WebSphere Application Server 9.0, and 8.5 and WebSphere Application Server Liberty are vulnerable to a denial of service, caused by sending a specially-crafted request. A remote attacker could exploit this vulnerability ...

7.5CVSS5.5AI score0.005EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:25 p.m.13 views

CVE-2026-44441

ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.106.0 and 16.16.0, a malicious user could send a crafted request to an endpoint, which would lead to the server making an HTTP call to a service of the user's choice. This vulnerability is fixed in 15.106.0 and 16.16...

5CVSS5.5AI score0.00162EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:21 p.m.11 views

CVE-2026-38529

A Broken Object-Level Authorization BOLA in the /Settings/UserController.php endpoint of Webkul Krayin CRM v2.2.x allows authenticated attackers to arbitrarily reset user passwords and perform a full account takeover via supplying a crafted HTTP request...

8.8CVSS5.5AI score0.00624EPSS
Exploits2References1
CVE
CVE
added 2026/06/05 7:21 p.m.24 views

CVE-2026-46357

CVE-2026-46357 affects HAX CMS NodeJS backend. An authenticated attacker can crash the NodeJS process by sending a malformed request to the remote import workflow via the createSite endpoint, causing an availability DoS with a single HTTP request. The crash originates from a file object without o...

6.5CVSS5.3AI score0.0024EPSS
Exploits0References1
Rows per page
Query Builder