Lucene search
K

25074 matches found

RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.6 views

CVE-2026-3699

A security flaw has been discovered in UTT HiPER 810G up to 1.7.7-171114. This impacts the function strcpy of the file /goform/formRemoteControl. The manipulation results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attac...

9CVSS6.1AI score0.00655EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/09 8:2 a.m.5 views

CVE-2026-3701

A security vulnerability has been detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function EditBasicSSID5G of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclos...

9CVSS6.2AI score0.00687EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/09 7:2 a.m.4 views

CVE-2026-3808 Tenda FH1202 webtypelibrary formWebTypeLibrary stack-based overflow

A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...

9CVSS6.5AI score0.02551EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/09 6:32 a.m.4 views

CVE-2026-3807 Tenda FH1202 AdvSetWrlsafeset formWrlsafeset stack-based overflow

A security vulnerability has been detected in Tenda FH1202 1.2.0.14408. Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mitssid/mitssidindex leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...

9CVSS6.5AI score0.00644EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/03/09 6:32 a.m.3 views

CVE-2026-3807

A security vulnerability has been detected in Tenda FH1202 1.2.0.14408. Impacted is the function formWrlsafeset of the file /goform/AdvSetWrlsafeset. Such manipulation of the argument mitssid/mitssidindex leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has...

9CVSS8AI score0.00644EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/03/09 6:31 a.m.5 views

EUVD-2026-10292

A vulnerability was found in Tenda i3 1.0.0.62204. Affected by this vulnerability is the function formSetAutoPing of the file /goform/setAutoPing. Performing a manipulation of the argument ping1/ping2 results in stack-based buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS8AI score0.00635EPSS
Exploits1References8
OSV
OSV
added 2026/03/09 4:16 a.m.3 views

CVE-2026-3799

A flaw has been found in Tenda i3 1.0.0.62204. This impacts the function formSetCfm of the file /goform/setcfm. This manipulation of the argument funcpara1 causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used...

8.8CVSS6.2AI score0.00632EPSS
Exploits1References5
RedHat Linux
RedHat Linux
added 2026/03/09 2:13 a.m.2 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS5.8AI score0.01945EPSS
Exploits0References8
RedHat Linux
RedHat Linux
added 2026/03/09 1:52 a.m.9 views

golang: net/url: Memory exhaustion in query parameter parsing in net/url

A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...

7.5CVSS5.8AI score0.01945EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/03/09 1:42 a.m.5 views

CVE-2026-3679

A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mitlinktype/PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

9CVSS8AI score0.00594EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/09 12:0 a.m.2 views

CVE-2025-70243

Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard534...

6.1AI score0.00565EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.4 views

PT-2026-24068

Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A stack buffer overflow condition exists in D-Link DIR-513 version 1.10. The issue is triggered by providing a crafted value to the curTime parameter within the ''/goform/formdumpeasysetup'' API endpoint...

7.5CVSS6.1AI score0.00456EPSS
Exploits1References9
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.6 views

JFlow 安全漏洞

JFlow is a low-code BPM development platform open-sourced by Jinan Chicheng opencc in China. JFlow has a security vulnerability, which stems from incorrect operations on the function Calculate in the file src/main/java/bp/wf/httphandler/WFCCForm.java, potentially leading to injection attacks...

9.8CVSS6.6AI score0.00361EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/03/09 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: python-tornado (UTSA-2026-005918)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005918 advisory. Tornado is a Python web framework and asynchronous networking library. When Tornado's multipart/form- data parser encounters certain errors, it logs a warning but...

7.5CVSS6.9AI score0.00667EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/03/08 9:2 a.m.5 views

CVE-2026-3726

A vulnerability has been found in Tenda F453 1.0.0.3. This affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to th...

9CVSS6.4AI score0.00632EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/03/08 8:15 a.m.3 views

CVE-2026-3720

A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...

5.4CVSS4AI score0.00221EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/08 7:56 a.m.6 views

CVE-2026-2420

The LotekMedia Popup Form plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin settings in all versions up to, and including, 1.0.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Administrator-level...

4.4CVSS5.7AI score0.00193EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/08 7:56 a.m.6 views

CVE-2025-8899

The Paid Videochat Turnkey Site – HTML5 PPV Live Webcams plugin for WordPress is vulnerable to Privilege Escalation in all versions up to, and including, 7.3.20. This is due to videowhisperregisterform function not restricting user roles that can be set during registration. This makes it possible...

8.8CVSS5.7AI score0.0037EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/08 7:2 a.m.3 views

CVE-2026-3720

A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...

5.1CVSS4.2AI score0.00221EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/03/08 7:2 a.m.36 views

CVE-2026-3720 1024-lab/lab1024 SmartAdmin Notice notice-form-drawer.vue cross site scripting

A security flaw has been discovered in 1024-lab/lab1024 SmartAdmin up to 3.29. Impacted is an unknown function of the file smart-admin-web-javascript/src/views/business/oa/notice/components/notice-form-drawer.vue of the component Notice Module. The manipulation results in cross site scripting. Th...

5.1CVSS0.00221EPSS
Exploits1References4
Rows per page
Query Builder