CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18797 matches found

CVE•added 2026/01/26 5:2 a.m.•9 views

CVE-2026-1420

CVE-2026-1420 affects Tenda AC23 routers (Firmware 16.03.07.52). The vulnerability is a buffer overflow in the /goform/WifiExtraSet function caused by manipulation of the wpapsk_crypto argument, enabling remote exploitation. Reports indicate the exploit has been published and may be used in the w...

9.8CVSS8.2AI score0.00054EPSS

Exploits1References6Affected Software1

OSV•added 2026/01/26 1:15 a.m.•2 views

CVE-2026-1411

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.0955. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather high...

6.1CVSS4.9AI score

Exploits0References4

NVD•added 2026/01/26 1:15 a.m.•4 views

CVE-2026-1411

6.1CVSS0.00032EPSS

Exploits1References4

CVE•added 2026/01/26 12:32 a.m.•12 views

CVE-2026-1411

CVE-2026-1411 affects Beetel 777VR1 (up to 01.00.09/01.00.09_55). The issue is described as an unknown function in the UART Interface that allows improper access controls. Attacks are stated to be feasible on the physical device, with a high attack complexity and high privileges required. Exploit...

6.1CVSS5.2AI score0.00032EPSS

Exploits1References4Affected Software1

Vulnrichment•added 2026/01/26 12:32 a.m.•2 views

CVE-2026-1411 Beetel 777VR1 UART access control

6.1CVSS4.9AI score0.00032EPSS

Exploits1References4

ATTACKERKB•added 2026/01/26 12:32 a.m.•2 views

CVE-2026-1411

6.1CVSS4.9AI score0.00032EPSS

Exploits1References4Affected Software1

Cvelist•added 2026/01/26 12:32 a.m.•34 views

CVE-2026-1411 Beetel 777VR1 UART access control

6.1CVSS0.00032EPSS

Exploits1References4

EUVD•added 2026/01/26 12:32 a.m.•3 views

EUVD-2026-4685

6.1CVSS4.9AI score0.00032EPSS

Exploits1References4

Positive Technologies•added 2026/01/26 12:0 a.m.•5 views

PT-2026-4815

A flaw has been found in code-projects Online Music Site 1.0. Affected by this issue is some unknown functionality of the file /Administrator/PHP/AdminDeleteUser.php. This manipulation of the argument ID causes sql injection. The attack can be initiated remotely. The exploit has been published an...

7.5CVSS5.7AI score0.00015EPSS

Exploits1References6

Positive Technologies•added 2026/01/26 12:0 a.m.•4 views

PT-2026-4836

A flaw has been found in Hisense TransTech Smart Bus Management System up to 20260113. Affected is the function Page Load of the file YZSoft/Forms/XForm/BM/BusComManagement/TireMng.aspx. Executing a manipulation of the argument key can lead to sql injection. It is possible to launch the attack...

7.5CVSS5.7AI score0.00016EPSS

Exploits0References5

Positive Technologies•added 2026/01/26 12:0 a.m.•5 views

PT-2026-4723

Name of the Vulnerable Software and Affected Versions Tenda AC23 version 16.03.07.52 Description A buffer overflow flaw exists in the Tenda AC23 router. The issue is due to the manipulation of the wpapsk crypto argument within the /goform/WifiExtraSet file. This allows for remote exploitation. Th...

9.8CVSS7.5AI score0.00054EPSS

Exploits1References15

Positive Technologies•added 2026/01/26 12:0 a.m.•2 views

PT-2026-4681

A flaw has been found in Beetel 777VR1 up to 01.00.09/01.00.09 55. The affected element is an unknown function of the component UART Interface. This manipulation causes improper access controls. It is feasible to perform the attack on the physical device. The complexity of an attack is rather hig...

6.1CVSS5.5AI score0.00032EPSS

Exploits1References5

Snyk•added 2026/01/21 4:13 p.m.•2 views

Improper Verification of Cryptographic Signature

Overview org.webjars.npm:sm-crypto is a sm-crypto Affected versions of this package are vulnerable to Improper Verification of Cryptographic Signature in the SM2 signature verification process. An attacker can bypass signature validation by forging signatures for arbitrary public keys. Remediatio...

8.7CVSS6AI score0.00011EPSS

Exploits0References2

Snyk•added 2026/01/20 9:26 p.m.•1 views

HTTP Response Splitting

Overview Affected versions of this package are vulnerable to HTTP Response Splitting via the wsgiref.headers.Headers. An attacker can manipulate HTTP responses by injecting arbitrary headers through user-controlled input containing newline characters. Remediation A fix was pushed into the master...

6.5CVSS6AI score0.0017EPSS

Exploits0References2

RedhatCVE•added 2026/01/20 7:20 p.m.•3 views

CVE-2026-1171

A flaw has been found in birkir prime up to 0.4.0.beta.0. Impacted is an unknown function of the file /graphql of the component GraphQL Field Handler. Executing a manipulation can lead to denial of service. The attack may be launched remotely. The exploit has been published and may be used. The...

7.5CVSS5.1AI score0.00303EPSS

Exploits1References1

RedhatCVE•added 2026/01/20 5:28 a.m.•5 views

CVE-2026-1138

A flaw has been found in UTT 进取 520W 1.7.7-180627. This affects the function strcpy of the file /goform/ConfigExceptQQ. Executing a manipulation can lead to buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. The vendor was contacted early abo...

9CVSS5.8AI score0.00138EPSS

Exploits1References1

Snyk•added 2026/01/20 12:48 a.m.•2 views

Release of Invalid Pointer or Reference

Overview Affected versions of this package are vulnerable to Release of Invalid Pointer or Reference via the BilateralBlurImage function. An attacker can cause application instability or crashes by providing a specially crafted image that triggers the release of an invalid pointer when memory...

9.8CVSS5.6AI score0.00087EPSS

Exploits0References2

OSV•added 2026/01/19 7:16 p.m.•2 views

CVE-2026-1171

7.5CVSS5.3AI score

Exploits0References5

NVD•added 2026/01/19 7:16 p.m.•2 views

CVE-2026-1171

7.5CVSS0.00303EPSS

Exploits1References5

EUVD•added 2026/01/19 6:32 p.m.•3 views

EUVD-2026-3198