Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

18787 matches found

ATTACKERKB
ATTACKERKBadded 2026/01/28 10:32 p.m.1 views

CVE-2026-1548

A flaw has been found in Totolink A7000R 4.1cu.4154. This impacts the function CloudACMunualUpdateUserdata of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument url causes command injection. The attack can be initiated remotely. The exploit has been published and may be used...

6.5CVSS5.7AI score0.00542EPSS
Exploits1References5Affected Software1
RedhatCVE
RedhatCVEadded 2026/01/28 3:16 a.m.2 views

CVE-2026-1449

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function PageLoad of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to launch the attack...

7.5CVSS5.7AI score0.00016EPSS
Exploits0References1
Snyk
Snykadded 2026/01/27 9:30 a.m.2 views

Arbitrary Code Injection

Overview Affected versions of this package are vulnerable to Arbitrary Code Injection via the PNGImageEncoder process. An attacker can execute arbitrary code by supplying crafted input that is improperly handled during image encoding. Remediation A fix was pushed into the master branch but not ye...

5.4CVSS6.2AI score0.00092EPSS
Exploits0References2
RedhatCVE
RedhatCVEadded 2026/01/27 3:19 a.m.3 views

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS5.5AI score0.00032EPSS
Exploits1References1
Snyk
Snykadded 2026/01/27 12:0 a.m.1 views

Out-of-bounds Write

Overview Affected versions of this package are vulnerable to Out-of-bounds Write via the gbase64encodeclose function. An attacker can cause memory corruption or application crashes by providing excessively large or untrusted input data. Remediation A fix was pushed into the master branch but not...

8.1CVSS5.9AI score0.00019EPSS
Exploits1References4
EUVD
EUVDadded 2026/01/26 11:32 p.m.2 views

EUVD-2026-4735

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function PageLoad of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to launch the attack...

7.5CVSS5.7AI score0.00016EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/01/26 8:2 p.m.5 views

CVE-2026-1443

A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published an...

7.5CVSS5.7AI score0.00015EPSS
Exploits1References5Affected Software1
EUVD
EUVDadded 2026/01/26 8:2 p.m.4 views

EUVD-2026-4671

A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published an...

7.5CVSS6.9AI score0.00015EPSS
Exploits1References5
OSV
OSVadded 2026/01/26 6:16 a.m.3 views

CVE-2026-1420

A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapskcrypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used...

9.8CVSS6.1AI score0.00054EPSS
Exploits1References6
EUVD
EUVDadded 2026/01/26 5:2 a.m.3 views

EUVD-2026-4691

A flaw has been found in Tenda AC23 16.03.07.52. This impacts an unknown function of the file /goform/WifiExtraSet. This manipulation of the argument wpapskcrypto causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been published and may be used...

9CVSS5.9AI score0.00054EPSS
Exploits1References6
CVE
CVEadded 2026/01/26 5:2 a.m.9 views

CVE-2026-1420

CVE-2026-1420 affects Tenda AC23 routers (Firmware 16.03.07.52). The vulnerability is a buffer overflow in the /goform/WifiExtraSet function caused by manipulation of the wpapsk_crypto argument, enabling remote exploitation. Reports indicate the exploit has been published and may be used in the w...

9.8CVSS8.2AI score0.00054EPSS
Exploits1References6Affected Software1
OSV
OSVadded 2026/01/26 1:15 a.m.2 views

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS4.9AI score
Exploits0References4
NVD
NVDadded 2026/01/26 1:15 a.m.4 views

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS0.00032EPSS
Exploits1References4
CVE
CVEadded 2026/01/26 12:32 a.m.12 views

CVE-2026-1411

CVE-2026-1411 affects Beetel 777VR1 (up to 01.00.09/01.00.09_55). The issue is described as an unknown function in the UART Interface that allows improper access controls. Attacks are stated to be feasible on the physical device, with a high attack complexity and high privileges required. Exploit...

6.1CVSS5.2AI score0.00032EPSS
Exploits1References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/01/26 12:32 a.m.2 views

CVE-2026-1411 Beetel 777VR1 UART access control

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS4.9AI score0.00032EPSS
Exploits1References4
ATTACKERKB
ATTACKERKBadded 2026/01/26 12:32 a.m.2 views

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS4.9AI score0.00032EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/01/26 12:32 a.m.34 views

CVE-2026-1411 Beetel 777VR1 UART access control

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS0.00032EPSS
Exploits1References4
EUVD
EUVDadded 2026/01/26 12:32 a.m.3 views

EUVD-2026-4685

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS4.9AI score0.00032EPSS
Exploits1References4
Positive Technologies
Positive Technologiesadded 2026/01/26 12:0 a.m.5 views

PT-2026-4815

A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published an...

7.5CVSS5.7AI score0.00015EPSS
Exploits1References6
Positive Technologies
Positive Technologiesadded 2026/01/26 12:0 a.m.4 views

PT-2026-4836

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to launch the attack...

7.5CVSS5.7AI score0.00016EPSS
Exploits0References5
Rows per page
Query Builder