Lucene search
K

110 matches found

CVE
CVE
added 2026/06/29 3:45 p.m.16 views

CVE-2026-13583

Edimax EW-7478APC (firmware 1.04) contains a buffer overflow in the POST handler: formUSBFolder (/goform/formUSBFolder) via manipulation of ShareName/SelectName. The issue is exploitable remotely, with exploit disclosed publicly; no remediation details are provided in the supplied documents.

9CVSS7.6AI score0.00445EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 3:30 p.m.6 views

EUVD-2026-40128

A flaw has been found in Edimax EW-7478APC 1.04. This issue affects the function formUSBAccount of the file /goform/formUSBAccount of the component POST Request Handler. This manipulation of the argument UserName/Password causes buffer overflow. The attack is possible to be carried out remotely...

9CVSS7.7AI score0.00455EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.12 views

Linux Distros Unpatched Vulnerability : CVE-2026-13500

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A weakness has been identified in antlr ANTLR4 up to 4.13.2. Affected is an unknown function of the file tool/src/org/antlr/v4/codegen/model/OutputFile.java of...

7.5CVSS6.7AI score0.00311EPSS
Exploits0References3
NVD
NVD
added 2026/06/21 10:16 p.m.14 views

CVE-2026-12810

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. Th...

6.5CVSS0.01158EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/06/21 5:15 a.m.37 views

CVE-2026-12779 AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control

A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploi...

8.5CVSS0.00113EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/15 12:31 a.m.15 views

EUVD-2026-36668

A flaw has been found in Moovit Bus & Public Transit App 1.18 on Android. This affects an unknown part of the component com.tranzmate. Executing a manipulation can lead to improper authorization in handler for custom url scheme. The attack can only be executed locally. The exploit has been...

5.3CVSS5.4AI score0.00105EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/15 12:0 a.m.15 views

PT-2026-49167

A security flaw has been discovered in medkey-org medkey up to fc09b7ba9441ff590b72d428d5380834216b09ed. Impacted is the function actionGetPatientById of the file appmodulesmedicalportrestcontrollersPatientController.php of the component HTTP REST API. The manipulation of the argument ID results ...

5.3CVSS5.1AI score0.00226EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/06 3:15 p.m.11 views

CVE-2026-11435 Jinher OA nextselectplan.aspx sql injection

A security vulnerability has been detected in Jinher OA 1.0. This affects an unknown function of the file nextselectplan.aspx. Such manipulation of the argument httpOID leads to sql injection. The attack may be launched remotely. The exploit has been disclosed publicly and may be used. The vendor...

7.5CVSS7AI score0.00259EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/01 4:15 a.m.32 views

EUVD-2026-33556

A weakness has been identified in NousResearch hermes-agent up to 2026.4.30. This affects the function scanmemorycontent of the file tools/memorytool.py. This manipulation causes injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used f...

6.5CVSS5.6AI score0.00228EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/05/26 2:13 p.m.17 views

CVE-2026-9367

A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detectdangerouscommand of the file tools/approval.py of the component terminaltool. This manipulation causes os command injection. It is possible to initiate the...

7.5CVSS6.8AI score0.01657EPSS
Exploits0References1
NVD
NVD
added 2026/05/24 5:16 a.m.18 views

CVE-2026-9354

A vulnerability was detected in NousResearch hermes-agent up to 2026.4.16. The affected element is an unknown function of the component Slack Agent/Mattermost Agent. The manipulation of the argument formatmessage results in escaping of output. The attack can be executed remotely. The exploit is n...

6.9CVSS0.00336EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/18 12:15 a.m.9 views

CVE-2026-8774

A vulnerability was detected in Edimax BR-6228NC 1.22. Affected by this issue is the function mp of the file /goform/mp of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack may be performed from remote. The exploit is now public...

6.5CVSS5.6AI score0.01182EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.31 views

PT-2026-39415

Name of the Vulnerable Software and Affected Versions JeecgBoot version 3.9.1 Description A flaw in the 'mLogin' endpoint within the LoginController.java file of the jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/system/controller/ component allows for remote authorization...

6.3CVSS5.8AI score0.00463EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/03 6:45 a.m.7 views

CVE-2026-7684

A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be...

9CVSS7.7AI score0.00481EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/05/02 12:0 a.m.9 views

PT-2026-36552

A flaw has been found in ArtMin96 yii2-mcp-server 1.0.2. This impacts the function yii command help/yii execute command of the file src/index.ts of the component MCP Interface. Executing a manipulation can lead to os command injection. The attack can be executed remotely. The exploit has been...

6.5CVSS6.3AI score0.0111EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2026/04/27 1:22 p.m.4 views

CVE-2026-7025

A vulnerability was found in Typecho up to 1.3.0. This vulnerability affects the function Service::sendPingHandle of the file var/Widget/Service.php of the component Ping Back Service Endpoint. The manipulation of the argument X-Pingback/link results in server-side request forgery. The attack may...

7.5CVSS7AI score0.00278EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/20 12:32 p.m.5 views

EUVD-2026-23824

A vulnerability has been found in Metasoft 美特软件 MetaCRM up to 6.4.0. This vulnerability affects the function Statement.executeUpdate of the file sql.jsp of the component Interface. Such manipulation of the argument sql leads to sql injection. The attack can be launched remotely. The exploit has...

7.5CVSS6.7AI score0.00259EPSS
Exploits0References5
NVD
NVD
added 2026/04/20 10:16 a.m.6 views

CVE-2026-6624

A weakness has been identified in BichitroGan ISP Billing Software 2025.3.20. Affected is an unknown function of the file /?\route=pool/add of the component Pool List Interface. Executing a manipulation can lead to cross site scripting. The attack may be performed from remote. The exploit has bee...

4.8CVSS0.00206EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/20 8:45 a.m.36 views

CVE-2026-6622 BichitroGan ISP Billing Software Customer edit cross site scripting

A vulnerability was identified in BichitroGan ISP Billing Software 2025.3.20. This affects an unknown function of the file /?\route=customers/edit/ of the component Customer Handler. Such manipulation leads to cross site scripting. The attack can be executed remotely. The exploit is publicly...

4.8CVSS0.00206EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/17 12:0 a.m.4 views

PT-2026-33449

Name of the Vulnerable Software and Affected Versions QueryMine sms versions up to 7ab5a9ea196209611134525ffc18de25c57d9593 Description Remote SQL injection is possible via the GET Request Parameter Handler in the 'admin/editcourse.php' file. The issue occurs when the ID argument is manipulated,...

6.5CVSS6.9AI score0.00196EPSS
Exploits0References7
Rows per page
Query Builder