Lucene search
K

1440 matches found

Cvelist
Cvelist
added 2026/01/23 2:58 a.m.32 views

CVE-2026-0784 ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability

ALGO 8180 IP Audio Alerter Web UI Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ALGO 8180 IP Audio Alerter devices. Authentication is required to exploit this vulnerability. The specific fla...

7.2CVSS0.0148EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.9 views

TOTOLINK NR1800X 命令注入漏洞

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK. designed to provide fast and easy deployment of NR fixed data services in homes and offices. The TOTOLINK NR1800X suffers from a command injection vulnerability, which stems from a misuse of the parameter...

8.8CVSS6.8AI score0.02646EPSS
Exploits1References5
CVE
CVE
added 2026/01/21 8:51 p.m.14 views

CVE-2026-22598

ManageIQ API before version radjabov-2 is vulnerable to a Denial of Service caused by creating a malformed TimeProfile, which leads to timeout of later UI and API requests. The issue is mitigated in version radjabov-2, which includes a patch; manual patches are also mentioned as an option. The av...

7.1CVSS5.4AI score0.00339EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/21 4:26 p.m.20 views

CVE-2026-20109 Cisco Packaged Contact Center Enterprise and Cisco Unified Contact Center Enterprise Cross-Site Scripting Vulnerability

Multiple vulnerabilities in the web-based management interface of Cisco Packaged Contact Center Enterprise Packaged CCE and Cisco Unified Contact Center Enterprise Unified CCE could allow an authenticated, remote attacker to conduct a cross-site scripting XSS attack against a user of the web-base...

4.8CVSS0.00173EPSS
Exploits0References1
CVE
CVE
added 2026/01/21 4:26 p.m.21 views

CVE-2026-20055

Cisco CVE-2026-20055 affects the web-based management interfaces of Packaged CCE and Unified CCE. The issue is cross-site scripting (XSS) due to insufficient input validation in the interface pages. An authenticated attacker with administrative credentials could inject script code and potentially...

4.8CVSS5.8AI score0.00173EPSS
Exploits0References1
NVD
NVD
added 2026/01/19 11:15 a.m.7 views

CVE-2026-1150

A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...

8.8CVSS0.0235EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/01/17 12:0 a.m.10 views

PT-2026-5425

Name of the Vulnerable Software and Affected Versions Tenda HG10 US HG7 HG9 HG10re 300001138 en xpon affected versions not specified Description A flaw exists in the Login Interface component of the software, specifically within the checkUserFromLanOrWan function located in the...

7.5CVSS7.2AI score0.02537EPSS
Exploits1References11
NVD
NVD
added 2026/01/15 5:16 p.m.8 views

CVE-2026-20047

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE and Cisco ISE Passive Identity Connector ISE-PIC could allow an authenticated, remote attacker to conduct cross-site scripting XSS attacks against a user of the interface. This vulnerability is due to...

4.8CVSS0.00238EPSS
Exploits0References1
CVE
CVE
added 2026/01/15 4:32 p.m.18 views

CVE-2026-20075

CVE-2026-20075 affects Cisco EPNM and Cisco Prime Infrastructure web-based management interfaces. The root cause is improper validation of user input, enabling a stored cross-site scripting (XSS) vulnerability in data fields. An authenticated, remote attacker with valid admin credentials could in...

4.8CVSS5.8AI score0.00221EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/01/15 4:32 p.m.6 views

CVE-2026-20076 Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS5.7AI score0.00238EPSS
Exploits0References1
Cisco
Cisco
added 2026/01/15 4:0 p.m.11 views

Cisco Identity Services Engine Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the interface. This vulnerability is due to insufficient validation of user-supplied inpu...

4.8CVSS6.1AI score0.00238EPSS
Exploits0References1
Cisco
Cisco
added 2026/01/15 4:0 p.m.9 views

Cisco Evolved Programmable Network Manager and Cisco Prime Infrastructure Stored Cross-Site Scripting Vulnerability

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network Manager EPNM and Cisco Prime Infrastructure could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against users of the interface of an affected system. This...

4.8CVSS6.2AI score0.00221EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/15 12:0 a.m.22 views

CVE-2025-65349

A Stored Cross-Site Scripting XSS vulnerability in Web management interface in Each Italy Wireless Mini Router WIRELESS-N 300M v28K.MiniRouter.20190211 allows attackers to execute arbitrary scripts via a crafted payload due to unsanitized repeater AP SSID value when is displayed in any page at...

0.0023EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.5 views

Cisco Identity Services Engine (cisco-sa-ise-xss-9TDh2kx)

According to its self-reported version, Cisco ISE is affected by a vulnerability. - A vulnerability in the web-based management interface of Cisco Identity Services Engine ISE could allow an authenticated, remote attacker to conduct a stored cross-site scripting XSS attack against a user of the...

4.8CVSS6AI score0.00238EPSS
Exploits0References3
NVD
NVD
added 2026/01/14 5:16 p.m.14 views

CVE-2025-37183

Vulnerabilities in the web-based management interface of EdgeConnect SD-WAN Orchestrator could allow an authenticated remote attacker to perform SQL injection attacks. Successful exploitation could allow an attacker to execute arbitrary SQL commands on the underlying database, potentially leading...

7.2CVSS0.00404EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.5 views

Hubert Hub 安全漏洞

Hubert Hub is a digital management platform from Hubert Brazil. A security vulnerability exists in Hubert Hub v2.0 version 1.27.3, which stems from insecure permissions and could lead to an authenticated, low-privileged attacker requesting access to other user information via a specially crafted...

6.5CVSS5.8AI score0.00306EPSS
Exploits1References4
CNNVD
CNNVD
added 2026/01/13 12:0 a.m.6 views

HPE AOS 安全漏洞

HPE AOS is an operating system from HPE, USA. A security vulnerability exists in HPE AOS 8 that stems from a command injection vulnerability in the web-based management interface that could lead to the execution of arbitrary commands...

7.2CVSS6AI score0.01122EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.8 views

CVE-2023-4332

Broadcom RAID Controller web interface is vulnerable due to Improper permissions on the log file...

7.5CVSS6.8AI score0.00496EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:32 p.m.8 views

CVE-2023-4325

Broadcom RAID Controller web interface is vulnerable due to usage of Libcurl with LSA has known vulnerabilities...

9.8CVSS6.9AI score0.00588EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:31 p.m.4 views

CVE-2023-4324

Broadcom RAID Controller web interface is vulnerable due to insecure defaults of lacking HTTP Content-Security-Policy headers...

9.8CVSS6.9AI score0.00588EPSS
Exploits0References1
Rows per page
Query Builder