Lucene search
K

4250 matches found

ATTACKERKB
ATTACKERKB
added 4 days ago5 views

CVE-2026-13743

CubeSpace CW0057 Reaction Wheel firmware versions prior to 5.0.20 are vulnerable to an Improper Verification of Cryptographic Signature vulnerability. This could allow an attacker with physical access to the product to upload arbitrary malicious firmware to the device without authentication...

5.2CVSS5.9AI score0.00116EPSS
Exploits0References2
NVD
NVD
added 5 days ago6 views

CVE-2026-58452

JAIOTlink C492A-W6 Wi-Fi IP cameras running firmware 4.8.30.57701411 contain an OS command injection vulnerability that allows authenticated attackers to achieve remote code execution by supplying a malicious Wireless parameter to the HTTP PUT NetSDK/Factory SetMAC endpoint. Attackers can craft a...

8.8CVSS0.02422EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:54 p.m.6 views

CVE-2026-32833

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/26 7:54 p.m.6 views

EUVD-2026-39862

Cudy LT300 3.0 running firmware prior to version 2.5.12 contains an OS command injection vulnerability that allows authenticated attackers to execute arbitrary commands by injecting shell metacharacters into the cbid.system.ntp.current POST parameter in the system time configuration interface...

8.8CVSS6.7AI score0.0134EPSS
Exploits0References2
NVD
NVD
added 2026/06/23 3:16 p.m.10 views

CVE-2026-35019

NetComm NF20MESH routers running firmware R6B031 and earlier contain an authentication bypass vulnerability that allows unauthenticated attackers to gain administrative access by exploiting a hardcoded AES-256 key used to encrypt session cookies for the web management interface. Attackers can for...

9.2CVSS0.00431EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.8 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: uether: Fixed NULL pointer dereferencing in ethgetdrvinfo The commit ec35c1969650 “usb: gadget: fncm: Fixed netdevice lifecycle handling with devicemove“” re-parents the gadget device to /sys/devices/virtual during...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: igb: Fixed string truncation warnings in igbsetfwversion. Commit 1978d3ead82c “intel: fixed string truncation warnings” fixes the warning “-Wformat-truncation=” in igbmain.c by using kasprintf...

5.5CVSS6.5AI score0.00178EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 12:0 a.m.26 views

CVE-2026-51843

Tenda AC7 v15.03.06.44 contains a stack buffer overflow vulnerability in the /goform/AdvSetMacMtuWan interface via the wanMTU parameter...

0.00363EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.13 views

PT-2026-50967

Name of the Vulnerable Software and Affected Versions Tenda AC7 version 15.03.06.44 Description A stack buffer overflow occurs in the '/goform/AdvSetMacMtuWan' endpoint through the cloneType parameter. A stack buffer overflow is a condition where a program writes more data to a buffer located on...

9.8CVSS6.4AI score0.00363EPSS
Exploits0References5
CVE
CVE
added 2026/06/19 12:0 a.m.14 views

CVE-2026-51843

The vulnerability CVE-2026-51843 affects Tenda AC7 devices running v15.03.06.44. Description: a stack buffer overflow in the /goform/AdvSetMacMtuWan interface reachable via the wanMTU parameter. Affected component/function: the wanMTU path of the AdvSetMacMtuWan interface. Root cause: stack-based...

9.8CVSS6.2AI score0.00363EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/15 9:30 p.m.10 views

EUVD-2026-36749

An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature...

5.8AI score0.00174EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 8:16 p.m.7 views

CVE-2026-36933

An issue in Boyleep K11, y108 firmware v.2.3.0.11291 allows a physically proximate attacker to execute arbitrary code via the factory test feature...

6.8CVSS0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.14 views

PT-2026-49289

Name of the Vulnerable Software and Affected Versions Boyleep K11, y108 version 2.3.0.11291 Description A flaw in the factory test feature allows an attacker with physical proximity to the device to execute arbitrary code. Recommendations At the moment, there is no information about a newer versi...

6.8CVSS6.1AI score0.00174EPSS
Exploits0References3
CVE
CVE
added 2026/06/15 12:0 a.m.16 views

CVE-2026-36933

The CVE-2026-36933 issue affects Boyleep K11 y108 firmware v2.3.0.11291. A physically proximate attacker can execute arbitrary code via the factory test feature. The impact is described as high for confidentiality, integrity, and availability; the root cause is tied to the factory test feature, w...

6.8CVSS5.9AI score0.00174EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.9 views

PT-2026-49292

Name of the Vulnerable Software and Affected Versions Tenda 5G03 version V05.03.02.04 Version 1.0 Description Command injection is possible in the action set volume function through the volume parameter. Recommendations At the moment, there is no information about a newer version that contains a...

9.8CVSS5.9AI score0.01046EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.9 views

CVE-2026-0409

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices...

7.5CVSS5.5AI score0.00256EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 a.m.10 views

CVE-2026-36816

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the wewifiWhiteUserInfo parameter of the formAddWewifiWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS5.9AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 8:52 p.m.10 views

EUVD-2026-35837

UXSS in Focus for iOS / Klar Webkit navigation. This vulnerability was fixed in Focus for iOS 151.3.1 and Klar for iOS 151.3.1...

5.5AI score0.00216EPSS
Exploits0References2
NVD
NVD
added 2026/06/09 7:17 p.m.10 views

CVE-2026-36815

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the formSetNetCheckTools function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35450

A NETGEAR security issue that could allow an attacker with ability to intercept and tamper with traffic between the router and the Internet to run commands on your device when the device administrator performs certain specific management actions. This issue affects NETGEAR Orbi 370 series devices...

7.5CVSS5.5AI score0.00256EPSS
Exploits0References2
Rows per page
Query Builder