Lucene search
K

41223 matches found

CVE
CVE
added 2026/04/26 6:45 p.m.19 views

CVE-2026-7057

The CVE-2026-7057 affects Tenda F456 (firmware 1.0.0.5). The vulnerability is in the httpd component, specifically the /goform/setcfm handler, where manipulating the arguments funcname/funcpara1 leads to a buffer overflow. This could permit a remote attacker to exploit the flaw, and published exp...

9CVSS8.4AI score0.00632EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/04/26 6:30 p.m.34 views

CVE-2026-7056 Tenda F456 httpd SafeUrlFilter fromSafeUrlFilter buffer overflow

A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be...

9CVSS0.00622EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/26 6:30 p.m.6 views

EUVD-2026-25726

A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be...

9CVSS8.6AI score0.00622EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2026/04/26 6:30 p.m.5 views

CVE-2026-7056

A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The manipulation of the argument page results in buffer overflow. The attack may be performed from remote. The exploit is now public and may be...

9CVSS5.7AI score0.00622EPSS
Exploits1References6Affected Software1
CVE
CVE
added 2026/04/26 6:30 p.m.14 views

CVE-2026-7056

Affected product: Tenda F456 (firmware 1.0.0.5). Vulnerable component: httpd, function fromSafeUrlFilter in /goform/SafeUrlFilter. Issue: manipulation of the argument page leads to a buffer overflow. Exploitability: remote, with public exploit available. Impact: high-severity across confidentiali...

9CVSS8.5AI score0.00622EPSS
Exploits1References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/26 6:0 p.m.3 views

CVE-2026-7055 Tenda F456 httpd VirtualSer fromVirtualSer buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS8.6AI score0.0065EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/26 6:0 p.m.29 views

CVE-2026-7055 Tenda F456 httpd VirtualSer fromVirtualSer buffer overflow

A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. The attack is possible to be carried out remotely. The...

9CVSS0.0065EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/26 4:45 p.m.5 views

CVE-2026-7054

A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS6AI score0.00655EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/26 4:45 p.m.4 views

CVE-2026-7054 Tenda F456 httpd PPTPDClient fromPptpUserAdd buffer overflow

A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS8.8AI score0.00655EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/26 4:45 p.m.35 views

CVE-2026-7054 Tenda F456 httpd PPTPDClient fromPptpUserAdd buffer overflow

A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS0.00655EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/26 4:45 p.m.6 views

EUVD-2026-25724

A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the argument opttype/usernamewith can lead to buffer overflow. The attack can be executed remotely. The...

9CVSS6AI score0.00655EPSS
Exploits1References5
CVE
CVE
added 2026/04/26 4:45 p.m.39 views

CVE-2026-7054

CVE-2026-7054 affects Tenda F456 1.0.0.5. The vulnerability is in httpd, function fromPptpUserAdd of /goform/PPTPDClient, where manipulating the opttype/username argument causes a buffer overflow. It is exploitable remotely and a public exploit exists. Metrics indicate a high-severity impact (CVS...

9CVSS8.7AI score0.00655EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/26 4:0 p.m.4 views

EUVD-2026-25723

A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page results in buffer overflow. Remote exploitation of the attack is possible. The exploit has been...

9CVSS5.7AI score0.00619EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/26 1:45 p.m.32 views

CVE-2026-7045 baomidou dynamic-datasource StandardEvaluationContext/SpelExpressionParser DsSpelExpressionProcessor.java DsSpelExpressionProcessor#doDetermineDatasource injection

A vulnerability was determined in baomidou dynamic-datasource 2.5.0. Affected by this vulnerability is the function DsSpelExpressionProcessordoDetermineDatasource of the file dynamic-datasource-spring/src/main/java/com/baomidou/dynamic/datasource/processor/DsSpelExpressionProcessor.java of the...

6.5CVSS0.00237EPSS
Exploits0References7
CVE
CVE
added 2026/04/26 1:30 p.m.19 views

CVE-2026-7044

CVE-2026-7044 affects GreenCMS up to version 2.3. The vulnerability is in the function themeadd of /index.php?m=admin&c=custom&a=themeadd, enabling an unrestricted file upload. It can be exploited remotely, and the exploit has been made public. The entry notes that only products no longer support...

6.5CVSS6.1AI score0.00201EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/04/26 1:30 p.m.6 views

CVE-2026-7044 GreenCMS index.php themeadd unrestricted upload

A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...

6.5CVSS6.2AI score0.00201EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/26 1:30 p.m.4 views

CVE-2026-7044

A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...

6.5CVSS5.2AI score0.00201EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/26 1:30 p.m.34 views

CVE-2026-7044 GreenCMS index.php themeadd unrestricted upload

A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...

6.5CVSS0.00201EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/26 1:30 p.m.9 views

EUVD-2026-25721

A vulnerability was found in GreenCMS up to 2.3. Affected is the function themeadd of the file /index.php?m=admin&c=custom&a=themeadd. The manipulation results in unrestricted upload. The attack can be launched remotely. The exploit has been made public and could be used. This vulnerability only...

6.5CVSS5.2AI score0.00201EPSS
Exploits0References4
CVE
CVE
added 2026/04/26 1:15 p.m.18 views

CVE-2026-7043

Affected product/versions: GreenCMS up to 2.3. Vulnerability surface: function pluginAddLocal in /index.php?m=admin&c=custom&a=pluginadd enables unrestricted upload. Impact (as stated): unrestricted upload capability; remote initiation possible. Exploit status: exploit has been disclosed to the p...

6.5CVSS6.1AI score0.00201EPSS
Exploits0References4
Rows per page
Query Builder