CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

11 matches found

Vulnrichment•added 2026/05/27 12:0 a.m.•5 views

CVE-2026-38422

Buffer Overflow vulnerability in arendst Tasmota v.15.3.0.3 and before allows a remote attacker to execute arbitrary code via the tasmota/tasmotaxdrvdriver/xdrv10scripter.ino, fetchjpg function...

6.2AI score0.00709EPSS

Exploits1References3

CNNVD•added 2026/05/27 12:0 a.m.•6 views

Tasmota 安全漏洞

Tasmota is an IoT device firmware and automation control platform developed by Theo Arends. Versions of Tasmota prior to 15.3.0.3 contained security vulnerabilities. These vulnerabilities were caused by a buffer overflow in the fetchjpg function found in the...

7.3CVSS6.3AI score0.00709EPSS

Exploits1References3

EUVD•added 2025/10/07 12:30 a.m.•3 views

EUVD-2021-23200

Malware in sbrugna...

6.1CVSS6.3AI score0.0054EPSS

Exploits1References2

RedhatCVE•added 2025/05/22 7:59 p.m.•14 views

CVE-2021-36603

Cross Site Scripting XSS in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1"...

6.1CVSS6.2AI score0.0054EPSS

OSV•added 2023/01/09 9:15 p.m.•2 views

CVE-2021-36603

Cross Site Scripting XSS in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1"...

6.1CVSS5.9AI score0.0054EPSS

Exploits1References1

NVD•added 2023/01/09 9:15 p.m.•13 views

CVE-2021-36603

Cross Site Scripting XSS in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1"...

6.1CVSS6AI score0.0054EPSS

Exploits1References1

Prion•added 2023/01/09 9:15 p.m.•17 views

Cross site scripting

Cross Site Scripting XSS in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1"...

5.8CVSS6AI score0.0054EPSS

Exploits1References1Affected Software1

Vulnrichment•added 2023/01/09 12:0 a.m.•9 views

CVE-2021-36603

Cross Site Scripting XSS in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1"...

6AI score0.0054EPSS

Exploits1References1

Cvelist•added 2023/01/09 12:0 a.m.•11 views

CVE-2021-36603

Cross Site Scripting XSS in Tasmota firmware 6.5.0 allows remote attackers to inject JavaScript code via a crafted string in the field "Friendly Name 1"...

6.1AI score0.0054EPSS

Exploits1References1

Positive Technologies•added 2023/01/09 12:0 a.m.•4 views

PT-2023-12293 · Tasmota · Tasmota

Name of the Vulnerable Software and Affected Versions: Tasmota firmware version 6.5.0 Description: The issue allows remote attackers to inject JavaScript code via a crafted string in the Friendly Name 1 field. This enables Cross Site Scripting XSS attacks. Recommendations: For Tasmota firmware...

6.1CVSS6AI score0.0054EPSS

Exploits1References3

CVE•added 2023/01/09 12:0 a.m.•44 views

CVE-2021-36603

CVE-2021-36603 affects Tasmota firmware 6.5.0. An XSS flaw in the Friendly Name 1 field allows remote attackers to inject JavaScript via a crafted value, potentially compromising user browsers. Root cause: unsafe handling of user-supplied input in that field. Impact: described as XSS; no exploita...

6.1CVSS5.9AI score0.0054EPSS

Exploits1References1Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by