Lucene search
K

485 matches found

OSV
OSV
added 2026/02/27 2:16 a.m.4 views

CVE-2026-3275

A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Executing a manipulation of the argument entrys can lead to buffer overflow. The attack may be performed from remote. The exploit has been made...

8.8CVSS6.2AI score0.00773EPSS
Exploits1References5
NVD
NVD
added 2026/02/27 12:16 a.m.6 views

CVE-2026-3272

A vulnerability was determined in Tenda F453 1.0.0.3. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. This manipulation of the argument page causes buffer overflow. Remote exploitation of the attack is possible. The exploit has been publicly...

9CVSS0.00746EPSS
Exploits1References5
EUVD
EUVD
added 2026/02/25 9:30 a.m.6 views

EUVD-2026-8627

A security vulnerability has been detected in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit ha...

9CVSS5.8AI score0.00632EPSS
Exploits2References6
OSV
OSV
added 2026/02/25 8:16 a.m.5 views

CVE-2026-3169

A security vulnerability has been detected in Tenda F453 1.0.0.3. This impacts the function fromSafeEmailFilter of the file /goform/SafeEmailFilter of the component httpd. The manipulation of the argument page leads to buffer overflow. Remote exploitation of the attack is possible. The exploit ha...

8.8CVSS6.1AI score0.00632EPSS
Exploits2References5
NVD
NVD
added 2026/02/25 7:16 a.m.8 views

CVE-2026-3168

A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromNatStaticSetting of the file /goform/NatStaticSetting of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been ma...

9CVSS0.03248EPSS
Exploits2References5
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.5 views

B&R Automation Runtime security vulnerabilities

B&R Automation Runtime is an automation runtime provided by B&R Automation Inc. Versions prior to B&R Automation Runtime 6.5 and R4.93 contained security vulnerabilities. These vulnerabilities stemmed from unlimited resource allocation or throttling in the ANSL-server component, which could allow...

8.9CVSS5.8AI score0.00313EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/01/09 8:52 a.m.5 views

CVE-2021-2248

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization component: Server. The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global...

10CVSS7AI score0.02497EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:44 a.m.10 views

CVE-2022-23650

Netmaker is a platform for creating and managing virtual overlay networks using WireGuard. Prior to versions 0.8.5, 0.9.4, and 010.0, there is a hard-coded cryptographic key in the code base which can be exploited to run admin commands on a remote server if the exploiter know the address and...

9CVSS7.1AI score0.0152EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/08 3:14 a.m.3 views

CVE-2025-15472

A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be use...

8.6CVSS6.6AI score0.20097EPSS
Exploits1References1
NVD
NVD
added 2026/01/07 12:16 p.m.4 views

CVE-2025-15472

A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be...

8.6CVSS0.20097EPSS
Exploits1References4
GithubExploit
GithubExploit
added 2026/01/06 8:5 p.m.147 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-202...

10CVSS7AI score0.99562EPSS
Exploits372
NVD
NVD
added 2025/12/30 4:15 p.m.8 views

CVE-2025-15255

A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing a manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has...

10CVSS0.03923EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.4 views

Tenda W6-S 安全漏洞

Tenda W6-S is a wireless access point device from Tenda China. A security vulnerability exists in Tenda W6-S version 1.0.0.4, which originates from an incorrect manipulation of the file /bin/httpd parameter cookie in the component R7websSecurityHandler, which could result in a stack buffer overfl...

10CVSS7.6AI score0.03923EPSS
Exploits1References5
NVD
NVD
added 2025/12/13 7:15 p.m.5 views

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3CVSS0.00249EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2025/12/13 7:2 p.m.3 views

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3CVSS4.8AI score0.00249EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2025/12/11 2:21 p.m.5 views

CVE-2025-14265 Improper server-side validation in ScreenConnect extension framework

In versions of ScreenConnect™ prior to 25.8, server-side validation and integrity checks within the extension subsystem could allow the installation and execution of untrusted or arbitrary extensions by authorized or administrative users. Abuse of this behavior could result in the execution of...

9.1CVSS6.9AI score0.00324EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.5 views

PT-2025-43381

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.2.15.0 and earlier Description An improper input validation exists in the Security Dashboard's ignored-tasks API. An authenticated user can send a crafted request to cause a denial of service to the Security...

5.1CVSS6.3AI score0.00406EPSS
Exploits0References8
OSV
OSV
added 2025/10/21 8:20 p.m.6 views

CVE-2025-62287

Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications component: Web Server. The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life Science...

6.1CVSS5.8AI score0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-0378

Malware in sbrugna...

4CVSS6.1AI score0.02547EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-29310

Malware in sbrugna...

9.8CVSS9AI score0.02489EPSS
Exploits2References5
Rows per page
Query Builder