1436 matches found
TP-Link Archer A20 v3 Router - Cross-site Scripting
The TP-Link Archer A20 v3 router is vulnerable to Cross-site Scripting XSS due to improper handling of directory listing paths in the web interface. When a specially crafted URL is visited, the router's web page renders the directory listing and executes arbitrary JavaScript embedded in the URL...
EUVD-2026-40407
A UI misrepresentation vulnerability was identified in GitHub Enterprise Server that allowed an OAuth application to gain unintended access to an organization's runner management. An attacker could exploit this by creating an OAuth application requesting the managerunners:org scope and directing ...
CVE-2026-27956
Affected product: Coolify (open-source self-hostable tool). Vulnerability: Cross-team domain enumeration via the endpoint GET /api/v1/servers/{server_uuid}/domains?uuid={app_uuid} allows any authenticated API user to enumerate FQDNs of applications belonging to other teams. Root cause (as stated)...
CVE-2026-54888 Uncontrolled recursion over deeply nested Markdown crashes the BEAM in mdex
Uncontrolled Recursion vulnerability in leandrocp mdex allows denial of service via deeply nested Markdown input. mdex converts between an Elixir %MDEx.Document struct and Comrak's internal AST using two mutually recursive Rust functions, exdocumenttocomrakast and comrakasttoexdocument, in the NI...
Astra Linux – Vulnerabilities in Linux, Linux-5.10, Linux-5.15, Linux-6.1
A issue was discovered in the Linux kernel before version 6.6.8. The dovccioctl function in net/atm/ioctl.c has a use-after-free issue due to a race condition involving vccrecvmsg...
Siemens RUGGEDCOM RST2428P User Interface (UI) Misrepresentation of Critical Information (CVE-2025-46394)
In tar in BusyBox through 1.37.0, a TAR archive can have filenames hidden from a listing through the use of terminal escape sequences. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for more information. %NASLMINLEVEL 80900 C Tenable, Inc...
CVE-2026-45550
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, PUT /smon/check app/routes/smon/routes.py:117-138 gates only on roxywicommon.checkusergroupforflask — which validates that the caller has some group, not that the target checkid...
EUVD-2026-34996
A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...
D-Link DGS-1100-08PD 安全漏洞
The D-Link DGS-1100-08PD is an 8-port Gigabit intelligent management switch from D-Link Corporation. Version 1.00.006 of the D-Link DGS-1100-08PD contains a security vulnerability. This vulnerability stems from improper handling of the /etc/boa.conf file within the Web Interface component, which...
CVE-2026-25624
An administrative cross-site scripting XSS vulnerability exists in the web user interface dashboard layout of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Unvalidated user-supplied variables are echoed back to administrative profiles, facilitating vector payload processin...
CVE-2026-25623 Arista Edge Threat Management NGFW UI Arbitrary Command Execution
An input validation command execution vulnerability exists in the browser management pipeline of Arista Edge Threat Management - Arista Next Generation Firewall NGFW. Authenticated administrators can leverage this exposure to obtain underlying terminal script code processing execution permissions...
CVE-2026-7156
A vulnerability was detected in Totolink A8000RU 7.1cu.643b20200521. Affected is the function CsteSystem of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument HTTP results in os command injection. The attack may be launched remotely. The exploit is now...
CVE-2026-23819
A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...
CVE-2026-44633
Live Helper Chat is an open-source application that enables live support websites. In 4.84v, the Live Helper Chat REST API chat update endpoint allows a REST user with lhchat/use to update a chat in a department they cannot read. The endpoint accepts arbitrary chat object fields, so the user can...
Shibby Tomato 操作系统命令注入漏洞
Shibby Tomato is a third-party router firmware developed by Shibby’s individual developers. Version 1.28.0000 of Shibby Tomato contains a vulnerability related to operating system command injection. This vulnerability stems from the startvpnserver function in the /sbin/rc file within the Web UI...
Improper Validation of Certificate with Host Mismatch
Overview org.apache.directory.api:api-ldap-client-api is a LDAP Client API. Affected versions of this package are vulnerable to Improper Validation of Certificate with Host Mismatch in the TLS server identity verification. An attacker can intercept and impersonate the server by presenting a...
EUVD-2025-209999
Nozomi Networks Labs identified a CWE-78: Improper Neutralization of Special Elements used in an OS Command 'OS Command Injection' in the Administration WebUI in Waterfall WF-500 RX Host in version 7.9.1.0 R2502171040 that allows remote authenticated attackers to execute arbitrary operating syste...
ASUS System Control Interface 安全漏洞
ASUS System Control Interface is a computer system control interface developed by ASUS, a Chinese company. There is a security vulnerability in the ASUS System Control Interface, which stems from improper allocation of permissions for critical resources. This vulnerability could allow local users...
free5GC 安全漏洞
free5GC is an open-source project for the 5th generation 5G mobile core network. Versions of free5GC prior to 4.2.2 contained security vulnerabilities. These vulnerabilities stemmed from the lack of inbound OAuth2/Bearer-token authorization when the NEF module mounted the 3gpp-traffic-influence...
Kwetsbaarheid verholpen in Cisco Secure Workload
Cisco has identified a vulnerability in Cisco Secure Workload. This vulnerability resides within the internal REST APIs of Cisco Secure Workload. Unauthorized malicious actors with access to the internal infrastructure can obtain Site Admin privileges through inadequate validation and...