9 matches found
CVE-2026-32721
LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0 contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...
CVE-2026-32721
LuCI (OpenWrt configuration interface) is affected by a stored XSS in the wireless scan modal within luci-mod-network. The vulnerability arises because SSIDs from scan results are rendered as raw HTML via innerHTML in wireless.js when passed to dom.append(), allowing a malicious SSID to execute a...
CVE-2020-7248
libubox in OpenWrt before 18.06.7 and 19.x before 19.07.1 has a tagged binary data JSON serialization vulnerability that may cause a stack-based buffer overflow...
EUVD-2020-28375
Malware in sbrugna...
CVE-2023-38320
An issue was discovered in OpenNDS Captive Portal before version 10.1.2. It has a showpreauthpage NULL pointer dereference that can be triggered with a crafted HTTP GET request with a missing User-Agent header. Triggering this issue results in crashing OpenNDS (a Denial-of-Service condition). This problem...
CVE-2019-5101
An exploitable information leak vulnerability exists in the ustream-ssl library of OpenWrt, versions 18.06.4 and 15.05.1. When connecting to a remote server, the server's SSL certificate is checked but no action is taken when the certificate is invalid. An attacker could exploit this behavior by...
CVE-2022-38333
OpenWrt before v21.02.3 and OpenWrt v22.03.0-rc6 were discovered to contain two skip loops in the function headervalue. This vulnerability allows attackers to access sensitive information via a crafted HTTP request...
CVE-2019-25015
LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID...
OpenWrt Resource Management Error Vulnerability
OpenWrt is a Linux operating system for embedded devices. A security vulnerability exists in libuci in OpenWrt versions prior to 18.06.9 and 19.x series versions prior to 19.07.5, which stems from a possible use after free when a malicious package name is used. This is related ...