Lucene search
+L

848 matches found

Cvelist
Cvelist
added 2026/05/04 4:43 p.m.44 views

CVE-2025-47401 Buffer Over-read in WLAN HAL

Transient DOS when processing target power rate tables during channel configuration...

6.5CVSS0.00216EPSS
Exploits0References1
CVE
CVE
added 2026/05/04 4:43 p.m.15 views

CVE-2025-47401

CVE-2025-47401 indicates a transient denial of service caused by a buffer over-read in the WLAN HAL during channel configuration while processing target power rate tables. The description across sources confirms the issue and impact to availability, but no concrete exploitation details, affected ...

7.5CVSS5.8AI score0.00216EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/27 7:23 p.m.5 views

CVE-2026-7027

A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...

4.8CVSS2.9AI score0.00433EPSS
Exploits0References1
NVD
NVD
added 2026/04/26 9:16 a.m.11 views

CVE-2026-7027

A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...

4.8CVSS0.00433EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/26 8:15 a.m.6 views

EUVD-2026-25702

A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...

4.8CVSS2.9AI score0.00433EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/26 8:15 a.m.47 views

CVE-2026-7027 D-Link DSL-2740R Wireless Setup Section cross site scripting

A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...

4.8CVSS0.00433EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/04/26 8:15 a.m.4 views

CVE-2026-7027

A vulnerability was identified in D-Link DSL-2740R EU01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...

4.8CVSS3AI score0.00433EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/04/26 12:0 a.m.12 views

PT-2026-35208

A vulnerability was identified in D-Link DSL-2740R EU 01.15. Impacted is an unknown function of the component Wireless Setup Section. Such manipulation of the argument Wireless Network Name leads to cross site scripting. The attack can be executed remotely. The exploit is publicly available and...

4.8CVSS3AI score0.00433EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/26 12:0 a.m.9 views

D-Link DSL-2740R 跨站脚本漏洞

The D-Link DSL-2740R is a high-performance ADSL router from D-Link Corporation. The D-Link DSL-2740R EU01.15 version has a cross-site scripting vulnerability. This vulnerability stems from improper handling of the Wireless Network Name parameter by the Wireless Setup Section component, which may...

4.8CVSS5.6AI score0.00433EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/24 12:0 a.m.8 views

PT-2026-37167

Name of the Vulnerable Software and Affected Versions wlc versions prior to 2.0.0 Description The HTML output format embeds API response data into HTML without proper escaping. This allows for cross-site scripting XSS, a technique where malicious scripts are injected into trusted websites, when t...

5.1CVSS5.6AI score0.00174EPSS
Exploits0References13
Hewlett-Packard
Hewlett-Packard
added 2026/04/22 12:0 a.m.12 views

MediaTek Wireless LAN Security Update

Potential vulnerabilities have been identified in MediaTek Wireless LAN Drivers for some HP PC products, which might allow escalation of privilege or denial of service. MediaTek has released driver updates to mitigate the potential vulnerabilities. MediaTek has released updates to mitigate the...

7.8CVSS5.8AI score0.00733EPSS
Exploits0Affected Software68
RedhatCVE
RedhatCVE
added 2026/04/16 7:22 p.m.9 views

CVE-2026-6168

A flaw has been found in TOTOLINK A7000R up to 9.1.0u.6115. The affected element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument ssid5g causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been...

9CVSS6.1AI score0.00575EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/06 3:33 p.m.32 views

CVE-2026-21367 Buffer Over-read in WLAN Firmware

Transient DOS when processing nonstandard FILS Discovery Frames with out-of-range action sizes during initial scans...

7.6CVSS0.00203EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/03/28 12:0 a.m.17 views

Wavlink WL-WN579X3-C 安全漏洞

Wavlink WL-WN579X3-C is a wireless network extender produced by Wavlink Corporation. The Wavlink WL-WN579X3-C 231124 version contains a security vulnerability. This vulnerability stems from incorrect handling of the UpnpEnabled parameter, which may lead to a stack-based buffer overflow attack...

9CVSS7.6AI score0.00687EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.6 views

PT-2026-28701

Name of the Vulnerable Software and Affected Versions Totolink LR350 version 9.3.5u.6369 B20220309 Description A buffer overflow issue exists in the setWiFiGuestCfg function of the /cgi-bin/cstecgi.cgi file. The issue is triggered by manipulating the ssid argument. The exploit for this issue has...

9CVSS6AI score0.00655EPSS
Exploits1References10
Cvelist
Cvelist
added 2026/03/26 9:16 p.m.25 views

CVE-2026-4346 Cleartext Storage of Administrative and Wi-Fi Credentials via Accessible Serial Interface in TP Link's TL-WR850N

The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...

5.1CVSS0.00124EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/26 9:16 p.m.2 views

CVE-2026-4346

The vulnerability affecting TL-WR850N v3 allows cleartext storage of administrative and Wi-Fi credentials in a region of the device’s flash memory while the serial interface remains enabled and protected by weak authentication. An attacker with physical access and the ability to connect to the...

5.1CVSS5.8AI score0.00124EPSS
Exploits0References3
CVE
CVE
added 2026/03/26 9:16 p.m.13 views

CVE-2026-4346

The CVE concerns TP-Link TL-WR850N v3 where credentials (administrative and Wi‑Fi) are stored in cleartext in a region of the device’s flash while the serial interface is enabled and protected by weak authentication. A physical attacker who can access the serial port can recover sensitive data, i...

6.8CVSS5.8AI score0.00124EPSS
Exploits0References2Affected Software1
SUSE Linux
SUSE Linux
added 2026/03/20 1:41 p.m.9 views

Security update for

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.7.3 fixes various security issues The following security issues were fixed: CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. CVE-2025-38488: smb: client: fix use-after-free in...

8.7CVSS6.8AI score0.00278EPSS
Exploits0References36
Vulnrichment
Vulnrichment
added 2026/03/19 10:46 p.m.2 views

CVE-2026-32721 LuCI luci-mod-network: Possible XSS attack in WiFi scan on Joining Wireless Client modal

LuCI is the OpenWrt Configuration Interface. Versions prior to both 24.10.5 and 25.12.0, contain a stored XSS vulnerability in the wireless scan modal, where SSID values from scan results are rendered as raw HTML without any sanitization. The wireless.js file in the luci-mod-network package passe...

8.6CVSS5.8AI score0.00239EPSS
Exploits0References3
Rows per page
Query Builder