Lucene search
K

1454 matches found

Positive Technologies
Positive Technologies
added 2026/03/30 12:0 a.m.5 views

PT-2026-29045

Name of the Vulnerable Software and Affected Versions ZTE ZXHN H188A versions V6.0.10P2 TE through V6.0.10P3N3 TE Description An issue exists that allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface. These credentials...

7.1CVSS5.8AI score0.08943EPSS
Exploits3References8
Vulnrichment
Vulnrichment
added 2026/03/30 12:0 a.m.4 views

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

5.9AI score0.08943EPSS
Exploits3References2
RedhatCVE
RedhatCVE
added 2026/03/28 4:59 p.m.4 views

CVE-2026-4960

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS8AI score0.00773EPSS
Exploits1References1
NVD
NVD
added 2026/03/27 5:16 p.m.5 views

CVE-2026-4960

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS0.00773EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/27 4:9 p.m.7 views

CVE-2026-4960 Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS8AI score0.00773EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/27 4:9 p.m.21 views

CVE-2026-4960 Tenda AC6 POST Request WizardHandle fromWizardHandle stack-based overflow

A vulnerability was determined in Tenda AC6 15.03.05.16. Affected is the function fromWizardHandle of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed remotel...

9CVSS0.00773EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/27 12:53 a.m.2 views

CVE-2026-4906

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...

9CVSS8.1AI score0.02604EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/27 12:53 a.m.30 views

CVE-2026-4906 Tenda AC5 POST Request WizardHandle decodePwd stack-based overflow

A vulnerability was determined in Tenda AC5 15.03.06.47. The affected element is the function decodePwd of the file /goform/WizardHandle of the component POST Request Handler. Executing a manipulation of the argument WANT/WANS can lead to stack-based buffer overflow. The attack can be executed...

9CVSS0.02604EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.10 views

Tenda AC5 安全漏洞

Tenda AC5 is a wireless router produced by the Chinese company Tenda. Version 15.03.06.47 of Tenda AC5 contains a security vulnerability. This vulnerability stems from improper handling of parameters WANT/WANS in files located at goform/WizardHandle, which may lead to a stack buffer overflow...

9CVSS7.7AI score0.02604EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.8 views

Tenda AC6 安全漏洞

Tenda AC6 is a wireless router produced by the Chinese company Tenda. Version 15.03.05.16 of Tenda AC6 contains a security vulnerability. This vulnerability stems from incorrect handling of parameters WANT/WANS in files or the goform/WizardHandle module, which may lead to a stack-based buffer...

9CVSS7.6AI score0.00773EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/03/26 3:15 p.m.4 views

CVE-2026-4195

A flaw has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This affects an unknown function of the file...

9.8CVSS6.3AI score0.03499EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.4 views

CVE-2026-2992

The KiviCare – Clinic & Patient Management System EHR plugin for WordPress is vulnerable to Privilege Escalation due to missing authorization on the /wp-json/kivicare/v1/setup-wizard/clinic REST API endpoint in all versions up to, and including, 4.1.2. This makes it possible for unauthenticated...

8.2CVSS5.8AI score0.00248EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 2:57 p.m.6 views

CVE-2019-25633

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...

8.6CVSS6.4AI score0.00257EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/03/25 12:45 p.m.5 views

CVE-2026-4761 Unnecessary permissions on private keys of certificates installed by Network and Security Wizard

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless update...

6.8CVSS5.8AI score0.00122EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/24 12:30 p.m.7 views

EUVD-2019-20006

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...

8.6CVSS6.4AI score0.00257EPSS
Exploits1References5
EUVD
EUVD
added 2026/03/24 12:30 p.m.4 views

EUVD-2019-20002

AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences...

8.6CVSS6.4AI score0.00257EPSS
Exploits1References5
NVD
NVD
added 2026/03/24 12:16 p.m.3 views

CVE-2019-25631

AIDA64 Business 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by overwriting SEH pointers with malicious shellcode. Attackers can inject egg hunter shellcode through the SMTP display name field in preferences...

8.6CVSS0.00257EPSS
Exploits1References4
NVD
NVD
added 2026/03/24 12:16 p.m.5 views

CVE-2019-25633

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...

8.6CVSS0.00257EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/24 11:27 a.m.5 views

CVE-2019-25633 AIDA64 Extreme 5.99.4900 SEH Buffer Overflow via EggHunter

AIDA64 Extreme 5.99.4900 contains a structured exception handling buffer overflow vulnerability that allows local attackers to execute arbitrary code by supplying malicious input through the email preferences and report wizard interfaces. Attackers can inject crafted payloads into the Display nam...

8.6CVSS6.4AI score0.00257EPSS
Exploits1References4
CVE
CVE
added 2026/03/24 11:27 a.m.18 views

CVE-2019-25633

CVE-2019-25633 affects AIDA64 Extreme 5.99.4900. A structured exception handling buffer overflow via the email preferences and report wizard interfaces allows a local attacker to execute arbitrary code by supplying crafted input. Specifically, payloads injected into the Display name field and via...

8.6CVSS6.4AI score0.00257EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder