2337 matches found
Aruba Instant Access Point (IAP) - Cross-Site Scripting
A remote cross-site scripting xss vulnerability was discovered in some Aruba Instant Access Point IAP products in versions: Aruba Instant 6.4.x: 6.4.4.8-4.2.4.17 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.5.x: 8.5.0.11 and below;...
CVE-2026-58374
In hostapd before 2.12, a missing bounds check in AP-mode Wi-Fi 7 IEEE 802.11be Multi-Link Operation MLO association request processing allows an unauthenticated attacker within wireless range to send a crafted management frame containing a malformed Multi-Link Element or Per-STA Profile...
CVE-UNASSIGNED-2020-SAMSUNG-WLAN-AP-RCE-01
creationtimestamp| type| source ---|---|--- 2026-06-30 09:59:18+00:00| exploited| https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/38da8f85-bb02-4be1-85fb-378e980285c8...
DEBIAN-CVE-2026-53317
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
CVE-2026-53317
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
UBUNTU-CVE-2026-53317
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
CVE-2026-53317
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
CVE-2026-53317
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...
CVE-2026-38065
Tenda 5G03 V05.03.02.04 Version 1.0 is vulnerable to Command injection in the function actionimsonwithapn via the imsapn parameter...
PT-2026-49294
Name of the Vulnerable Software and Affected Versions Tenda 5G03 version V05.03.02.04 Version 1.0 Description Command injection is possible in the action radio on with ia apn function through the ia parameter. Command injection is a flaw that allows an attacker to execute arbitrary operating syst...
CVE-2026-45160
ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parseoptions in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The pars...
Exploit for Heap-based Buffer Overflow in Mediatek Mt6890_Firmware
CVE-2026-20452 — MediaTek WLAN AP Heap Overflow PoC Proof of...
CVE-2026-42961
ELECOM wireless LAN access point devices implement CSRF protection mechanism, but with inadequate handling of CSRF tokens. If a user views a malicious page while logged in, the user may be tricked to do unintended operations...
CVE-2026-10259
A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has be...
CVE-2026-42062
ELECOM wireless LAN access point devices contain an OS command injection in processing of username parameter. If processing a crafted request, an arbitrary OS command may be executed. No authentication is required...
CVE-2026-40621
ELECOM wireless LAN access point devices do not require authentication to access some specific URLs. The affected product may be operated without authentication...
CVE-2026-46248
A flaw was found in the Linux kernel's ath12k Wi-Fi driver. When an arvif Access Point Virtual Interface is initialized in non-AP STA mode and a Multi-Link Operation MLO connection fails before the arvif is fully created, a stale link mapping can persist. This can lead to a kernel warning WARNON...
CVE-2019-25719
Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow network-adjacent attackers to spoof or tamper with data and cause denial-of-service conditions. Attacke...
CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...
CVE-2026-20452
In wlan AP driver, there is a possible memory corruption due to a heap buffer overflow. This could lead to remote proximal/adjacent code execution with User execution privileges needed. User interaction is not needed for exploitation. Patch ID: WCNCR00480138; Issue ID: MSV-6295...