6551 matches found
PT-2026-50995
Name of the Vulnerable Software and Affected Versions Joomla! Component vBizz version 1.0.7 Description An SQL injection allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the payid parameter. This is achieved by submitting POST requests to the...
CVE-2026-9158
In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...
EUVD-2026-37896
In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...
CVE-2026-9158
In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...
CVE-2026-9158
In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...
CVE-2026-9158
This CVE affects Eclipse 4diac FORTE, versions 3.0.0–3.1.0. A specially crafted DELETE command to the management interface can trigger a dangling pointer, allowing subsequent commands to access freed memory (use-after-free). The issue is tied to the management interface handling of DELETE request...
CVE-2026-9158
In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...
PT-2026-50686
Name of the Vulnerable Software and Affected Versions Eclipse 4diac FORTE versions 3.0.0 through 3.1.0 Description A specially crafted DELETE connection command sent to the management interface can cause a dangling pointer. This condition enables a use-after-free scenario, where subsequent comman...
CVE-2026-0272
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...
CVE-2026-6444
A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges...
CVE-2026-0272
Technical details for CVE-2026-0272 are not publicly provided in the supplied documents beyond a general description of privilege escalation in PAN-OS CLI. Monitor for updates; no specifics on vulnerable component, affected versions, or fixes are present.
CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)
A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...
CVE-2026-0416
An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...
CVE-2026-11557
A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-11556
A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file /goform/WriteFacMac of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. Remote exploitation of the attack i...
CVE-2026-11524
A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...
EUVD-2026-35457
Authenticated administrators connected to the local network can modify router functionality beyond what is intended through the standard management interface...
CVE-2026-0416
An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...
CVE-2026-0416 Improper input validation in certain NETGEAR routers allows unauthorized modification of protected router functionality
An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...
CVE-2026-0416 Improper input validation in certain NETGEAR routers allows unauthorized modification of protected router functionality
An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...