CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3632 matches found

Vulnrichment•added 2025/08/06 12:0 a.m.•4 views

CVE-2025-51054

Vedo Suite 2024.17 is vulnerable to Incorrect Access Control, which allows remote attackers to obtain a valid high privilege JWT token without prior authentication via sending an empty HTTP POST request to the /autologin/ API endpoint...

6.8AI score0.00406EPSS

Exploits2References2

Tenable Nessus•added 2025/08/04 12:0 a.m.•5 views

Amazon Linux 2023 : libmicrohttpd, libmicrohttpd-devel (ALAS2023-2025-1133)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2025-1133 advisory. GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attack...

5.9CVSS6.7AI score0.01243EPSS

Exploits1References4

RedhatCVE•added 2025/08/02 8:23 p.m.•4 views

CVE-2014-125122

A stack-based buffer overflow vulnerability exists in the tmUnblock.cgi endpoint of the Linksys WRT120N wireless router. The vulnerability is triggered by sending a specially crafted HTTP POST request with an overly long TMBlockURL parameter to the endpoint. By exploiting this flaw, an...

5.3CVSS7.2AI score0.00727EPSS

Exploits0References1

RedhatCVE•added 2025/08/02 8:22 p.m.•8 views

CVE-2013-10037

An OS command injection vulnerability exists in WebTester version 5.x via the install2.php installation script. The parameters cpusername, cppassword, and cpdomain are passed directly to shell commands without sanitization. A remote unauthenticated attacker can exploit this flaw by sending a...

9.3CVSS7.5AI score0.09857EPSS

Exploits0References1

NVD•added 2025/07/31 3:15 p.m.•11 views

CVE-2014-125122

5.3CVSS0.00727EPSS

Exploits0References4

Cvelist•added 2025/07/31 3:1 p.m.•11 views

CVE-2013-10037 WebTester 5.x install2.php Unauthenticated Command Execution

9.3CVSS0.09857EPSS

Exploits0References5

RedhatCVE•added 2025/07/29 11:59 p.m.•4 views

CVE-2025-8246

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The...

9CVSS7.4AI score0.00727EPSS

Exploits1References1

RedhatCVE•added 2025/07/29 10:58 p.m.•4 views

CVE-2025-8245

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAPVLAN of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

9CVSS7.4AI score0.00937EPSS

Exploits1References1

RedhatCVE•added 2025/07/29 9:54 p.m.•13 views

CVE-2025-8243

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This issue affects some unknown processing of the file /boafrm/formMapDel of the component HTTP POST Request Handler. The manipulation of the argument devicemac1 leads to buffer overflow. The attack may be...

9CVSS7.4AI score0.00962EPSS

Exploits1References1

RedhatCVE•added 2025/07/29 9:54 p.m.•15 views

CVE-2025-8242

A vulnerability has been found in TOTOLINK X15 1.0.0-B20230714.1105 and classified as critical. This vulnerability affects unknown code of the file /boafrm/formFilter of the component HTTP POST Request Handler. The manipulation of the argument ip6addr/url/vpnPassword/vpnUser leads to buffer...

9CVSS7.6AI score0.01EPSS

Exploits1References1

RedhatCVE•added 2025/07/29 10:34 a.m.•18 views

CVE-2025-8219

A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.4.7. It has been rated as critical. This issue affects some unknown processing of the file /crm/crmapi/erp/tabdetailmoduleSavedxkp.php of the component HTTP POST Request Handler. The manipulation of the...

9.8CVSS7.1AI score0.0036EPSS

Exploits0References1

NVD•added 2025/07/27 11:15 p.m.•6 views

CVE-2025-8246

9CVSS0.00727EPSS

Exploits1References5

NVD•added 2025/07/27 11:15 p.m.•4 views

CVE-2025-8245

9CVSS0.00937EPSS

Exploits1References5

CVE•added 2025/07/27 11:2 p.m.•19 views

CVE-2025-8246

The CVE-2025-8246 entry applies to TOTOLINK X15 firmware version 1.0.0-B20230714.1105. The issue exists in the HTTP POST Request Handler, specifically the /boafrm/formRoute file, where improper handling of the submit-url parameter leads to a buffer overflow. This can be triggered remotely and has...

9CVSS7.3AI score0.00727EPSS

Exploits1References5Affected Software1

Vulnrichment•added 2025/07/27 11:2 p.m.•3 views

CVE-2025-8246 TOTOLINK X15 HTTP POST Request formRoute buffer overflow

9CVSS8.9AI score0.00727EPSS

Exploits1References5

Cvelist•added 2025/07/27 10:32 p.m.•10 views

CVE-2025-8245 TOTOLINK X15 HTTP POST Request formMultiAPVLAN buffer overflow

9CVSS0.00937EPSS

Exploits1References5

CVE•added 2025/07/27 10:32 p.m.•17 views

CVE-2025-8245

The CVE-2025-8245 affects TOTOLINK X15 router (version 1.0.0-B20230714.1105) and targets the boa server’s HTTP POST handler. The vulnerability is a buffer overflow in processing the submit-url parameter of the /boafrm/formMultiAPVLAN file, allowing a remote attacker to trigger overflow and cause ...

9CVSS7.3AI score0.00937EPSS

Exploits1References5Affected Software1

NVD•added 2025/07/27 10:15 p.m.•4 views

CVE-2025-8244

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as critical. Affected is an unknown function of the file /boafrm/formMapDelDevice of the component HTTP POST Request Handler. The manipulation of the argument macstr leads to buffer overflow. It is possible to...

9.8CVSS0.01059EPSS

Exploits1References5