Lucene search
K

485 matches found

EUVD
EUVD
added 2026/04/28 8:0 p.m.6 views

EUVD-2026-26152

A flaw has been found in eiceblue spire-pdf-mcp-server 0.1.1. This impacts the function getpdfpath of the file src/spirepdfmcp/server.py of the component PDF File Handler. Executing a manipulation of the argument filepath can lead to path traversal. The attack can be launched remotely. The exploi...

7.5CVSS7.1AI score0.0041EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/28 7:6 a.m.4 views

CVE-2024-54013 Authentication Bypass

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the...

8.7CVSS5.3AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 2026/04/28 7:6 a.m.13 views

CVE-2024-54013

CVE-2024-54013 affects the web server component of Hanwha Vision products, where a flaw in request handling could allow unauthorized access to protected functions. The issue is supported by a manufacturer-reported patch/firmware update; the CVSS 4.0 base score is 8.7 (HIGH), with adjacent attack ...

8.8CVSS5.4AI score0.00193EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/27 1:22 p.m.7 views

CVE-2026-7035

A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has be...

9CVSS8.9AI score0.00619EPSS
Exploits1References1
NVD
NVD
added 2026/04/27 9:16 a.m.6 views

CVE-2026-7102

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

8.8CVSS0.03024EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/27 7:45 a.m.6 views

EUVD-2026-25800

A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

9CVSS5.9AI score0.00619EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/27 3:0 a.m.4 views

EUVD-2026-25764

A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now...

9CVSS5.7AI score0.00619EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/27 2:30 a.m.7 views

EUVD-2026-25762

A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipulation of the argument wanmode causes buffer overflow. The attack may be initiated remotely. The exploit has been made available to the...

9CVSS5.9AI score0.00632EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/04/27 12:0 a.m.7 views

PT-2026-35347

A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now...

9CVSS8.5AI score0.00619EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/04/27 12:0 a.m.8 views

Tenda F456 缓冲区错误漏洞

The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the fromWrlclientSet function within the httpd component or goform/WrlclientSet file, which could...

9CVSS7.6AI score0.00641EPSS
Exploits1References1
NVD
NVD
added 2026/04/26 12:16 p.m.9 views

CVE-2026-7035

A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has be...

9CVSS0.00619EPSS
Exploits1References5
NVD
NVD
added 2026/04/20 11:16 a.m.5 views

CVE-2026-6632

A vulnerability was identified in Tenda F451 1.0.0.7cnsvn7958. The affected element is the function fromSafeClientFilter of the file /goform/SafeClientFilter of the component httpd. The manipulation of the argument menufacturer/Go leads to buffer overflow. Remote exploitation of the attack is...

9CVSS0.00447EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/15 7:23 p.m.6 views

CVE-2026-33096

Out-of-bounds read in Windows HTTP.sys allows an unauthorized attacker to deny service over a network...

7.5CVSS5.8AI score0.01248EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 4:57 p.m.11 views

CVE-2026-33096 HTTP.sys Denial of Service Vulnerability

...

7.5CVSS5.8AI score0.01248EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/12 12:0 a.m.5 views

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the improper handling of the parameter entrys in the fromAddressNat function within the httpd component, potentially leadin...

9CVSS7.7AI score0.00518EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/03/29 12:0 a.m.13 views

Tenda F453 安全漏洞

The Tenda F453 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.3 of the Tenda F453 contains a security vulnerability. This vulnerability stems from improper handling of the parameter “delno” in the function “fromPPTPUserSetting” within the httpd component, which may lead...

9CVSS7.7AI score0.00632EPSS
Exploits1References5
CVE
CVE
added 2026/03/20 12:0 a.m.13 views

CVE-2025-67260

CVE-2025-67260 concerns a file upload vulnerability in Terrapack software from ASTER TEC/ASTER S.p.A. The affected components/versions listed are Terrapack TkWebCoreNG 1.0.20200914, Terrapack TKServerCGI 2.5.4.150, and Terrapack TpkWebGIS Client 1.0.0. The vulnerability allows attackers to upload...

8.8CVSS6AI score0.00396EPSS
Exploits0References5Affected Software3
OSV
OSV
added 2026/03/10 6:18 p.m.4 views

CVE-2026-25572

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.5 views

PT-2026-24222

A vulnerability has been identified in SICAM SIAPP SDK All versions V2.1.7. The SICAM SIAPP SDK server component does not enforce maximum length checks on certain variables before use. This could allow an attacker to send an oversized input that could trigger a stack overflow crashing the process...

5.9CVSS5.8AI score0.00119EPSS
Exploits0References4
CVE
CVE
added 2026/03/09 10:31 p.m.11 views

CVE-2026-30870

CVE-2026-30870 affects PowerSync Service (server-side of the PowerSync sync engine). In version 1.20.0, using new sync streams with config.edition: 3, certain subquery filters could be ignored when deciding which data to sync to users, potentially allowing authenticated users to receive data that...

6.5CVSS5.8AI score0.00201EPSS
Exploits0References1
Rows per page
Query Builder