Lucene search
+L

6551 matches found

ptsecurity
ptsecurity
added 2026/06/19 12:0 a.m.20 views

PT-2026-50995

Name of the Vulnerable Software and Affected Versions Joomla! Component vBizz version 1.0.7 Description An SQL injection allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the payid parameter. This is achieved by submitting POST requests to the...

7.1CVSS6.2AI score0.00221EPSS
Exploits0References8
nvd
nvd
added 2026/06/18 2:17 p.m.16 views

CVE-2026-9158

In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...

9.8CVSS0.00304EPSS
Exploits0References1
euvd
euvd
added 2026/06/18 2:10 p.m.11 views

EUVD-2026-37896

In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...

7.2CVSS5.3AI score0.00304EPSS
Exploits0References1
cvelist
cvelist
added 2026/06/18 2:10 p.m.26 views

CVE-2026-9158

In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...

7.2CVSS0.00304EPSS
Exploits0References1
attackerkb
attackerkb
added 2026/06/18 2:10 p.m.10 views

CVE-2026-9158

In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...

7.2CVSS5.3AI score0.00304EPSS
Exploits0References2Affected Software1
cve
cve
added 2026/06/18 2:10 p.m.30 views

CVE-2026-9158

This CVE affects Eclipse 4diac FORTE, versions 3.0.0–3.1.0. A specially crafted DELETE command to the management interface can trigger a dangling pointer, allowing subsequent commands to access freed memory (use-after-free). The issue is tied to the management interface handling of DELETE request...

9.8CVSS5.3AI score0.00304EPSS
Exploits0References1Affected Software1
osv
osv
added 2026/06/18 2:10 p.m.3 views

CVE-2026-9158

In Eclipse 4diac FORTE versions 3.0.0 to 3.1.0, a specially crafted DELETE connection command to the management interface can lead to a dangling pointer. This allows subsequent commands to access freed memory use-after-free...

7.2CVSS6AI score0.00304EPSS
Exploits0References4
ptsecurity
ptsecurity
added 2026/06/18 12:0 a.m.22 views

PT-2026-50686

Name of the Vulnerable Software and Affected Versions Eclipse 4diac FORTE versions 3.0.0 through 3.1.0 Description A specially crafted DELETE connection command sent to the management interface can cause a dangling pointer. This condition enables a use-after-free scenario, where subsequent comman...

9.8CVSS5.8AI score0.00304EPSS
Exploits0References4
nvd
nvd
added 2026/06/10 10:16 p.m.17 views

CVE-2026-0272

A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...

8.5CVSS0.00261EPSS
Exploits0References2
redhatcve
redhatcve
added 2026/06/10 9:2 p.m.12 views

CVE-2026-6444

A flaw exists in the FlashArray Purity management interface where an authenticated low-privileged user may, under specific conditions, access functionality beyond their assigned privileges...

8.6CVSS5.4AI score0.00279EPSS
Exploits0References1
cve
cve
added 2026/06/10 9:1 p.m.27 views

CVE-2026-0272

Technical details for CVE-2026-0272 are not publicly provided in the supplied documents beyond a general description of privilege escalation in PAN-OS CLI. Monitor for updates; no specifics on vulnerable component, affected versions, or fixes are present.

8.5CVSS5.5AI score0.00261EPSS
Exploits0References2Affected Software1
cvelist
cvelist
added 2026/06/10 9:1 p.m.109 views

CVE-2026-0272 PAN-OS: Privilege Escalation (PE) Vulnerability in the Command Line Interface (CLI)

A privilege escalation vulnerability in Palo Alto Networks PAN-OS® software allows an authenticated administrator with access to the Command Line Interface CLI to perform actions on the device with root privileges. The security risk posed by this issue is significantly minimized when CLI access i...

8.5CVSS0.00261EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/10 9:0 p.m.11 views

CVE-2026-0416

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

6.8CVSS5.4AI score0.0018EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/09 8:59 p.m.13 views

CVE-2026-11557

A weakness has been identified in Tenda F451 1.0.0.7/1.0.0.9. The affected element is the function fromNatlimit of the file /goform/Natlimit of the component Web Management Interface. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack can be executed...

9CVSS8.4AI score0.00476EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/09 8:59 p.m.12 views

CVE-2026-11556

A security flaw has been discovered in Tenda F451 1.0.0.7/1.0.0.9. Impacted is the function formWriteFacMac of the file /goform/WriteFacMac of the component Web Management Interface. Performing a manipulation of the argument mac results in os command injection. Remote exploitation of the attack i...

9CVSS7.3AI score0.01614EPSS
Exploits0References1
redhatcve
redhatcve
added 2026/06/09 8:59 p.m.12 views

CVE-2026-11524

A vulnerability has been found in Tenda W20E 15.11.0.6. Impacted is the function modifyWifiFilterRules of the file /goform/modifyWifiFilterRules of the component Web Management Interface. The manipulation of the argument wifiFilterListRemark leads to stack-based buffer overflow. The attack may be...

9CVSS8.3AI score0.00466EPSS
Exploits0References1
euvd
euvd
added 2026/06/09 6:30 p.m.11 views

EUVD-2026-35457

Authenticated administrators connected to the local network can modify router functionality beyond what is intended through the standard management interface...

6.8CVSS5.4AI score0.0018EPSS
Exploits0References3
nvd
nvd
added 2026/06/09 5:16 p.m.12 views

CVE-2026-0416

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

6.8CVSS0.0018EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2026/06/09 3:50 p.m.9 views

CVE-2026-0416 Improper input validation in certain NETGEAR routers allows unauthorized modification of protected router functionality

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

6.8CVSS5.1AI score0.0018EPSS
Exploits0References3
cvelist
cvelist
added 2026/06/09 3:50 p.m.32 views

CVE-2026-0416 Improper input validation in certain NETGEAR routers allows unauthorized modification of protected router functionality

An insufficient input validation vulnerability in certain NETGEAR router models as listed allows an authenticated administrator with local network access to submit crafted input that bypasses intended management interface restrictions, resulting in unauthorized modification of protected router...

6.8CVSS0.0018EPSS
Exploits0References3
Rows per page
Query Builder