Lucene search
K

41187 matches found

Cvelist
Cvelist
added 2026/04/06 9:45 p.m.17 views

CVE-2026-5686 Tenda CX12L RouteStatic fromRouteStatic stack-based overflow

A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released...

9CVSS0.00669EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/04/06 9:45 p.m.2 views

CVE-2026-5686 Tenda CX12L RouteStatic fromRouteStatic stack-based overflow

A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released...

9CVSS6.4AI score0.00669EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:45 p.m.2 views

CVE-2026-5686

A security flaw has been discovered in Tenda CX12L 16.03.53.12. This vulnerability affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has been released...

9CVSS7.8AI score0.00669EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/04/06 9:45 p.m.10 views

CVE-2026-5686

Summary: CVE-2026-5686 affects Tenda CX12L 16.03.53.12. The vulnerability targets the function fromRouteStatic in the file /goform/RouteStatic, where manipulating the argument page causes a stack-based buffer overflow. Exploitation can be performed remotely, and a public exploit has been released...

9CVSS7.8AI score0.00669EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/04/06 9:31 p.m.10 views

EUVD-2026-19466

A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument empid causes sql injection. The attack is possible to be carried out remotely. The explo...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/06 9:31 p.m.9 views

EUVD-2026-19462

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.8AI score0.0114EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/06 9:30 p.m.2 views

CVE-2026-5685 Tenda CX12L addressNat fromAddressNat stack-based overflow

A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used...

9CVSS6.4AI score0.00694EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/04/06 9:30 p.m.6 views

CVE-2026-5685

A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used...

9CVSS7.9AI score0.00694EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 7:45 p.m.3 views

CVE-2026-5682 Meesho Online Shopping App com.meesho.supply endpoint risky encryption

A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires ...

6.3CVSS5.1AI score0.00188EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/06 7:45 p.m.3 views

CVE-2026-5682

A vulnerability has been found in Meesho Online Shopping App up to 27.3 on Android. Affected is an unknown function of the file /api/endpoint of the component com.meesho.supply. Such manipulation leads to risky cryptographic algorithm. The attack may be performed from remote. The attack requires ...

6.3CVSS5.1AI score0.00188EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/06 7:15 p.m.1 views

CVE-2026-5681 itsourcecode sanitize or validate this input Parameter borrowedequip.php sql injection

A flaw has been found in itsourcecode sanitize or validate this input 1.0. This impacts an unknown function of the file /borrowedequip.php of the component Parameter Handler. This manipulation of the argument empid causes sql injection. The attack is possible to be carried out remotely. The explo...

6.5CVSS5.7AI score0.00192EPSS
Exploits0References5
CVE
CVE
added 2026/04/06 7:15 p.m.11 views

CVE-2026-5681

CVE-2026-5681 affects the itsourcecode component’s Parameter Handler, specifically the /borrowedequip.php file where the emp_id input is not properly sanitized/validated, enabling a remote SQL injection. Exploits have been published and may be used. CVSS data indicates MEDIUM severity (CVSS 4.0 b...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/04/06 6:57 p.m.4 views

ImageMagick: ImageMagick: Denial of Service via uninitialized pointer dereference in JBIG decoder

A flaw was found in ImageMagick. This vulnerability, an uninitialized pointer dereference, exists in the JBIG decoder due to a missing check. A remote attacker could exploit this by providing a specially crafted image file, leading to a denial of service. This could make the ImageMagick applicati...

7.5CVSS5.9AI score0.00353EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/06 6:45 p.m.3 views

CVE-2026-5678 Totolink A7100RU cstecgi.cgi setScheduleCfg os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. The affected element is the function setScheduleCfg of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument mode can lead to os command injection. The attack may be launched remotely. The exploit has been...

7.5CVSS6.8AI score0.0114EPSS
Exploits0References5
EUVD
EUVD
added 2026/04/06 6:33 p.m.5 views

EUVD-2026-19396

A vulnerability has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This vulnerability affects unknown code of the file /login.php of the component Parameter Handler. Such manipulation of the argument Password leads to sql injection. It is possibl...

7.5CVSS6.8AI score0.00259EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/06 6:33 p.m.2 views

EUVD-2026-19365

A flaw has been found in Cyber-III Student-Management-System up to 1a938fa61e9f735078e9b291d2e6215b4942af3f. This affects an unknown part of the file /admin/Add%20notice/add%20notice.php. This manipulation of the argument $SERVER'PHPSELF' causes cross site scripting. It is possible to initiate th...

4.8CVSS4.5AI score0.00206EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/06 6:33 p.m.9 views

EUVD-2026-19432

A vulnerability was found in itsourcecode Construction Management System 1.0. This affects an unknown part of the file /borrowedtool.php of the component Parameter Handler. The manipulation of the argument emp results in sql injection. It is possible to launch the attack remotely. The exploit has...

6.5CVSS6.4AI score0.00192EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/06 6:33 p.m.2 views

EUVD-2026-19364

A vulnerability was detected in code-projects Online FIR System 1.0. Affected by this issue is some unknown functionality of the file /complaints.sql of the component SQL Database Backup File Handler. The manipulation results in insecure storage of sensitive information. The attack may be perform...

6.9CVSS5.8AI score0.00302EPSS
Exploits0References6
EUVD
EUVD
added 2026/04/06 6:33 p.m.4 views

EUVD-2026-19315

A security vulnerability has been detected in code-projects Online FIR System 1.0. Affected by this vulnerability is an unknown functionality of the file /Login/checklogin.php of the component Login. The manipulation of the argument email/password leads to sql injection. The attack is possible to...

7.5CVSS6.8AI score0.00319EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/04/06 6:30 p.m.3 views

CVE-2026-5677 Totolink A7100RU cstecgi.cgi CsteSystem os command injection

A security flaw has been discovered in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function CsteSystem of the file /cgi-bin/cstecgi.cgi. Performing a manipulation of the argument resetFlags results in os command injection. The attack may be initiated remotely. The exploit has been...

7.5CVSS5.7AI score0.0114EPSS
Exploits0References5
Rows per page
Query Builder