Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

988 matches found

CVE
CVEadded 2026/03/15 11:2 p.m.16 views

CVE-2026-4195

CVE-2026-4195 describes a remote command-injection flaw in multiple D-Link NAS/routers (e.g., DNS-120, DNS-320 series, DNS-1550-04, etc.) via manipulation of the file path /cgi-bin/wizard_mgr.cgi. The affected function is unknown, but exploitation allows arbitrary commands to be executed with net...

9.8CVSS6.3AI score0.03499EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/03/15 3:2 a.m.1 views

CVE-2026-4164

A flaw has been found in Wavlink WL-WN578W2 221110. Impacted is the function DeleteMaclist/SetName/GuestWifi of the file /cgi-bin/wireless.cgi of the component POST Request Handler. Executing a manipulation can lead to command injection. It is possible to launch the attack remotely. The exploit h...

10CVSS5.5AI score0.02057EPSS
Exploits0References8Affected Software1
Cvelist
Cvelistadded 2026/03/12 4:2 p.m.30 views

CVE-2026-4045 projectsend Auth.php response discrepancy

A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldapemail can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with...

6.3CVSS0.00289EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/12 4:2 p.m.2 views

CVE-2026-4045

A flaw has been found in projectsend up to r1945. This impacts an unknown function of the file includes/Classes/Auth.php. Executing a manipulation of the argument ldapemail can lead to observable response discrepancy. The attack can be executed remotely. A high complexity level is associated with...

6.3CVSS5.2AI score0.00289EPSS
Exploits0References4
OSV
OSVadded 2026/03/12 4:16 a.m.2 views

UBUNTU-CVE-2026-3979

A flaw has been found in quickjs-ng quickjs up to 0.12.1. This affects the function jsiteratorconcatreturn of the file quickjs.c. This manipulation causes use after free. The attack requires local access. The exploit has been published and may be used. Patch name:...

5.3CVSS5.3AI score0.00112EPSS
Exploits0References2
EUVD
EUVDadded 2026/03/12 3:31 a.m.4 views

EUVD-2026-11497

A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

9CVSS6.4AI score0.00619EPSS
Exploits1References6
NVD
NVDadded 2026/03/12 1:15 a.m.4 views

CVE-2026-3970

A flaw has been found in Tenda i3 1.0.0.62204. Affected is the function formwrlSSIDget of the file /goform/wifiSSIDget. Executing a manipulation of the argument index can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

9CVSS0.00619EPSS
Exploits1References5
CVE
CVEadded 2026/03/12 1:2 a.m.11 views

CVE-2026-3970

CVE-2026-3970 affects Tenda i3 1.0.0.6(2204). The vulnerability is in the function formwrlSSIDget of the file /goform/wifiSSIDget, where manipulation of the argument index can trigger a stack-based buffer overflow . It can be exploited remotely, and a working exploit has been published. The provi...

9CVSS6.4AI score0.00619EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/03/12 12:31 a.m.2 views

EUVD-2026-11492

A flaw has been found in Alfresco Activiti up to 7.19/8.8.0. Affected by this issue is the function deserialize/createObjectInputStream of the file activiti-core/activiti-engine/src/main/java/org/activiti/engine/impl/variable/SerializableType.java of the component Process Variable Serialization...

6.5CVSS5.4AI score0.00242EPSS
Exploits0References5
Positive Technologies
Positive Technologiesadded 2026/03/12 12:0 a.m.3 views

PT-2026-24898

A flaw has been found in Alfresco Activiti up to 7.19/8.8.0. Affected by this issue is the function deserialize/createObjectInputStream of the file activiti-core/activiti-engine/src/main/java/org/activiti/engine/impl/variable/SerializableType.java of the component Process Variable Serialization...

6.5CVSS5.4AI score0.00242EPSS
Exploits0References5
EUVD
EUVDadded 2026/03/11 9:31 p.m.4 views

EUVD-2026-11405

A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...

5.8CVSS5.7AI score0.0021EPSS
Exploits0References7
NVD
NVDadded 2026/03/11 9:16 p.m.3 views

CVE-2026-3957

A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...

5.8CVSS0.0021EPSS
Exploits0References6
ATTACKERKB
ATTACKERKBadded 2026/03/11 9:2 p.m.3 views

CVE-2026-3957

A flaw has been found in xierongwkhd weimai-wetapp up to 5fe9e8225be4f73f2c5087f134aff657bdf1c6f2. This vulnerability affects the function getLikeMovieList of the file source-code/src/main/java/com/moke/wp/wxweimai/controller/HomeController.java of the component Endpoint. Executing a manipulation...

5.8CVSS5.7AI score0.0021EPSS
Exploits0References6
RedhatCVE
RedhatCVEadded 2026/03/10 2:8 p.m.5 views

CVE-2026-3818

A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of the argument strTBName causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. The...

9.8CVSS5.7AI score0.00419EPSS
Exploits0References1
RedhatCVE
RedhatCVEadded 2026/03/10 8:9 a.m.3 views

CVE-2026-3799

A flaw has been found in Tenda i3 1.0.0.62204. This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used...

9CVSS7.8AI score0.00632EPSS
Exploits1References1
SUSE CVE
SUSE CVEadded 2026/03/10 12:29 a.m.3 views

SUSE CVE-2026-3713

A flaw has been found in pnggroup libpng up to 1.6.55. Affected by this vulnerability is the function dopnm2png of the file contrib/pngminus/pnm2png.c of the component pnm2png. This manipulation of the argument width/height causes heap-based buffer overflow. The attack is restricted to local...

5.3CVSS6AI score0.00126EPSS
Exploits0References3
NVD
NVDadded 2026/03/09 12:16 p.m.4 views

CVE-2026-3818

A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of the argument strTBName causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. The...

9.8CVSS0.00419EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/03/09 12:2 p.m.3 views

CVE-2026-3818

A flaw has been found in Tiandy Easy7 CMS Windows 7.17.0. Impacted is an unknown function of the file /Easy7/apps/WebService/GetDBData.jsp. This manipulation of the argument strTBName causes sql injection. The attack may be initiated remotely. The exploit has been published and may be used. The...

7.5CVSS5.7AI score0.00419EPSS
Exploits0References4Affected Software1
CVE
CVEadded 2026/03/09 12:2 p.m.8 views

CVE-2026-3818

CVE-2026-3818 affects Tiandy Easy7 CMS for Windows, version 7.17.0. The vulnerability is in the file /Easy7/apps/WebService/GetDBData.jsp, where manipulating the argument strTBName enables SQL injection. Exploitation may be performed remotely, and public exploit material exists. Multiple connecte...

9.8CVSS6.9AI score0.00419EPSS
Exploits0References4Affected Software1
EUVD
EUVDadded 2026/03/09 9:30 a.m.2 views

EUVD-2026-10313

A vulnerability was found in Tenda FH1202 1.2.0.14408. This impacts the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been made public and could be us...

9CVSS6.4AI score0.00667EPSS
Exploits1References6
Rows per page
Query Builder