CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

263 matches found

UBUNTU-CVE-2026-46306

In the Linux kernel, the following vulnerability has been resolved: flowdissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.3AI score0.00024EPSS

Exploits0References11

Cvelist•added 4 days ago•34 views

CVE-2026-46306 flow_dissector: do not dissect PPPoE PFC frames

0.00024EPSS

Exploits0References8

ATTACKERKB•added 4 days ago•3 views

CVE-2026-46306

5.3AI score0.00024EPSS

Exploits0References9Affected Software1

EUVD•added 4 days ago•5 views

EUVD-2026-35171

5.4AI score0.00024EPSS

Exploits0References8

Positive Technologies•added 4 days ago•6 views

PT-2026-47377

In the Linux kernel, the following vulnerability has been resolved: flow dissector: do not dissect PPPoE PFC frames RFC 2516 Section 7 states that Protocol Field Compression PFC is NOT RECOMMENDED for PPPoE. In practice, pppd does not support negotiating PFC for PPPoE sessions, and the flow...

5.4AI score0.00024EPSS

Exploits0References9

RedhatCVE•added last week•6 views

CVE-2026-9512

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...

6.5CVSS6.3AI score0.04841EPSS

Exploits0References1

RedhatCVE•added last week•8 views

CVE-2026-9532

A security vulnerability has been detected in Totolink CA750-PoE 6.2c.510. The affected element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument FileName leads to os command injection. The attack may be performe...

6.5CVSS6.2AI score0.04841EPSS

Exploits0References1

RedhatCVE•added 2026/05/28 8:13 p.m.•8 views

CVE-2026-9531

A weakness has been identified in Totolink CA750-PoE 6.2c.510. Impacted is the function setUpgradeUboot of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. This manipulation of the argument FileName causes os command injection. The attack is possible to be carried out remotely. The...

6.5CVSS6.4AI score0.04841EPSS

Exploits0References1

ATTACKERKB•added 2026/05/27 12:56 p.m.•5 views

CVE-2026-46043

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv rxercv currently checks only that the incoming packet is at least headersizepkt bytes long before payloadsize is used. However, payloadsize subtracts both the...

9.1CVSS5.7AI score0.0007EPSS

Exploits0References9Affected Software1

NVD•added 2026/05/26 7:16 a.m.•6 views

CVE-2026-9534

A flaw has been found in Totolink CA750-PoE 6.2c.510. This affects the function setWiFiWpsConfig of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument PIN can lead to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS0.04841EPSS

Exploits0References5

NVD•added 2026/05/26 7:16 a.m.•7 views

CVE-2026-9532

6.5CVSS0.04841EPSS

Exploits0References5

ATTACKERKB•added 2026/05/26 5:15 a.m.•9 views

CVE-2026-9533

A vulnerability was detected in Totolink CA750-PoE 6.2c.510. The impacted element is the function recvUpgradeNewFw of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument fwUrl/magicid results in os command injection. It is possible to initiate...

6.5CVSS6.5AI score0.04841EPSS

Exploits0References5Affected Software1

CVE•added 2026/05/26 5:15 a.m.•10 views

CVE-2026-9533

Technical details about CVE-2026-9533 are not publicly provided in the supplied documents; no affected firmware versions, root cause specifics, or mitigations are listed here. Monitor for updates.

6.5CVSS6.5AI score0.04841EPSS

Exploits0References5

Cvelist•added 2026/05/26 5:0 a.m.•32 views

CVE-2026-9532 Totolink CA750-PoE Setting cstecgi.cgi setUploadUserData os command injection

6.5CVSS0.04841EPSS

Exploits0References5

Vulnrichment•added 2026/05/26 4:45 a.m.•6 views

CVE-2026-9531 Totolink CA750-PoE Setting cstecgi.cgi setUpgradeUboot os command injection

6.5CVSS6.4AI score0.04841EPSS

Exploits0References5

ATTACKERKB•added 2026/05/26 4:45 a.m.•6 views

CVE-2026-9531

6.5CVSS6.4AI score0.04841EPSS

Exploits0References5Affected Software1

CNNVD•added 2026/05/26 12:0 a.m.•7 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

TOTOLINK CA750-PoE is a wireless network access device produced by TOTOLINK Corporation. Version 6.2c.510 of TOTOLINK CA750-PoE contains a vulnerability related to operating system command injection. This vulnerability arises from improper handling of theFileName parameter in the setUpgradeUboot...

6.5CVSS6.6AI score0.04841EPSS

Exploits0References6

CNNVD•added 2026/05/26 12:0 a.m.•6 views

TOTOLINK CA750-PoE 操作系统命令注入漏洞

6.5CVSS6.6AI score0.04841EPSS

Exploits0References5

Positive Technologies•added 2026/05/26 12:0 a.m.•7 views

PT-2026-43192

6.5CVSS6.3AI score0.04841EPSS

Exploits0References5

NVD•added 2026/05/25 11:16 p.m.•10 views

CVE-2026-9513

A weakness has been identified in Totolink CA750-PoE 6.2c.510. This issue affects the function NTPSyncWithHost of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Executing a manipulation of the argument hosttime can lead to os command injection. The attack can be launched remotely...

6.5CVSS0.04841EPSS

Exploits0References5

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by