Lucene search
+L

2515 matches found

GithubExploit
GithubExploit
added 2026/06/13 6:51 p.m.174 views

Exploit for Deserialization of Untrusted Data in Facebook React

CVE-2025-55182 - React2Shell Pre-authentication RCE in Reac...

10CVSS8.6AI score0.99562EPSS
Exploits376
OSV
OSV
added 2026/06/10 2:16 p.m.2 views

CVE-2026-53435

In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrary types defined in Jenkins core or plugins from an attacker-controlled config.xml submission in a way that allows them to handle HTTP requests afterwards. This can be used to...

8.8CVSS7.3AI score0.14907EPSS
Exploits2References4
NVD
NVD
added 2026/06/10 2:16 p.m.13 views

CVE-2026-53435

In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrary types defined in Jenkins core or plugins from an attacker-controlled config.xml submission in a way that allows them to handle HTTP requests afterwards. This can be used to...

8.8CVSS0.14907EPSS
Exploits2References4
AlpineLinux
AlpineLinux
added 2026/06/10 1:5 p.m.10 views

CVE-2026-53435

In Jenkins 2.567 and earlier, LTS 2.555.2 and earlier, it is possible for attackers to have Jenkins deserialize arbitrary types defined in Jenkins core or plugins from an attacker-controlled config.xml submission in a way that allows them to handle HTTP requests afterwards. This can be used to...

8.8CVSS5.6AI score0.14907EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/06/10 3:0 a.m.9 views

CVE-2026-36819

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS5.9AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.19 views

EUVD-2026-35443

A improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may...

9.8CVSS5.7AI score0.36135EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 2:27 p.m.10 views

CVE-2026-25089

A improper neutralization of special elements used in an os command 'os command injection' vulnerability in Fortinet FortiSandbox 5.0.0 through 5.0.5, FortiSandbox 4.4.0 through 4.4.8, FortiSandbox 4.2 all versions, FortiSandbox Cloud 5.0.4 through 5.0.5, FortiSandbox PaaS 5.0.4 through 5.0.5 may...

9.8CVSS5.7AI score0.36135EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 2:27 p.m.169 views

CVE-2026-25089

CVE-2026-25089 is an OS command injection affecting FortiSandbox family (FortiSandbox 5.0.0–5.0.5, 4.4.0–4.4.8, 4.2.x; Cloud 5.0.4–5.0.5; PaaS 5.0.4–5.0.5) via unauthenticated crafted HTTP requests. Root cause: improper neutralization of special elements in OS commands. Impact: remote command exe...

9.8CVSS5.7AI score0.36135EPSS
In wildExploits0References2Affected Software3
EUVD
EUVD
added 2026/06/09 3:47 a.m.19 views

EUVD-2026-35320

In Micrometer, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service DoS condition. Affected versions: micrometer-core 1.16.0 through 1.16.5; 1.15.0 through 1.15.11; 1.14.0 through 1.14.15; 1.13.0 through 1.13.18; 1.9.0 through 1.9.17...

7.5CVSS5.4AI score0.00623EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 3:47 a.m.116 views

CVE-2026-40984

CVE-2026-40984 details (from provided sources): Affects Micrometer HTTP server instrumentations across micrometer-core and micrometer-jetty variants (various versions listed in the initial entry). The vulnerability is a DoS triggered by specially crafted HTTP requests. The CVSS v3.1 base score is...

7.5CVSS5.4AI score0.00623EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/09 12:0 a.m.35 views

CVE-2026-36796

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain a stack overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48181

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain multiple stack overflows in the fromVirtualSer function via the puVar2, puVar1, s2, s1 00, and puVar3 parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted...

5.5AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.18 views

PT-2026-48190

Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple stack overflows in the formSetDebugCfgr function via the enable, level, and module parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.5AI score0.00301EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.9 views

CVE-2026-36779

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain multiple stack overflows in the fromVirtualSer function via the puVar2, puVar1, s2, s100, and puVar3 parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted...

5.5AI score0.00397EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.14 views

PT-2026-48204

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the formSetNetCheckTools function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.19 views

PT-2026-47643

Name of the Vulnerable Software and Affected Versions micrometer-core versions 1.16.0 through 1.16.5 micrometer-core versions 1.15.0 through 1.15.11 micrometer-core versions 1.14.0 through 1.14.15 micrometer-core versions 1.13.0 through 1.13.18 micrometer-core versions 1.9.0 through 1.9.17...

7.5CVSS5.8AI score0.00623EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.16 views

Tenda W20E 安全漏洞

The Tenda W20E is a router produced by the Chinese company Tenda. The version 15.11.0.6 of the Tenda W20E contains a security vulnerability. This vulnerability stems from a buffer overflow in the macAddr parameter of the formDelStaState function, which could allow attackers to cause...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.14 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the hostname parameter of the formSetNetCheckTools function, which could allow attackers to cau...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.11 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the wewifiWhiteUserInfo parameter within the formAddWewifiWhiteUser function. It may allow...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.13 views

Tenda G0 安全漏洞

Tenda G0 is a router produced by the Chinese company Tenda. The version 15.11.0.5 of Tenda G0 contains a security vulnerability. This vulnerability stems from a buffer overflow in the IPMacBindRule parameter within the formIPMacBindAdd function. It could allow attackers to cause denial-of-service...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
Rows per page
Query Builder