Lucene search
+L

1028 matches found

EUVD
EUVD
added 2026/05/12 9:31 p.m.11 views

EUVD-2026-29738

A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruptio...

5.3CVSS5.8AI score0.00263EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.10 views

EUVD-2026-29737

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

7.2CVSS6.1AI score0.00616EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.14 views

EUVD-2026-29739

A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. NOTE: This vulnerability only...

7.2CVSS6.2AI score0.00957EPSS
Exploits0References2
EUVD
EUVD
added 2026/05/12 9:31 p.m.11 views

EUVD-2026-29734

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References2
NVD
NVD
added 2026/05/12 7:16 p.m.10 views

CVE-2026-23819

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

8.8CVSS0.0027EPSS
Exploits0References1
NVD
NVD
added 2026/05/12 7:16 p.m.10 views

CVE-2026-23822

A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruptio...

5.3CVSS0.00263EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 6:38 p.m.23 views

CVE-2026-23823

Summary: CVE-2026-23823 describes a vulnerability in the command line interface of Access Points running AOS-10, enabling an authenticated remote attacker to perform command injection and potentially execute arbitrary commands on the underlying operating system. Affected products/versions: Access...

7.2CVSS6.2AI score0.00957EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 6:37 p.m.9 views

CVE-2026-23822 Unauthenticated XML External Entity Injection in AOS-8 Instant allows Denial of Service

A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruptio...

5.3CVSS5.8AI score0.00263EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 6:35 p.m.32 views

CVE-2026-23821 Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

7.2CVSS0.00616EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 6:35 p.m.7 views

CVE-2026-23821 Inconsistent input filtering allows Authenticated Command Injection in AOS-10 CLI

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

7.2CVSS6.1AI score0.00616EPSS
Exploits0References1
CVE
CVE
added 2026/05/12 6:31 p.m.30 views

CVE-2026-23819

CVE-2026-23819 affects Access Points running AOS-10 and AOS-8 Instant, targeting the web-based management interface. The vulnerability arises from SSID processing in the web UI, enabling an unauthenticated remote attacker to inject and execute arbitrary JavaScript in a victim’s browser within the...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/05/12 6:31 p.m.34 views

CVE-2026-23819 Error in SSID Processing allows Stored XSS in Web Management Interface

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

8.8CVSS0.0027EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/12 6:31 p.m.9 views

CVE-2026-23819 Error in SSID Processing allows Stored XSS in Web Management Interface

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40337

A vulnerability in the command line interface of Access Points running AOS-10 and AOS-8 Instant could allow an authenticated remote attacker to execute system commands in a restricted shell environment. Successful exploitation could allow an attacker to execute arbitrary commands on the underlyin...

7.2CVSS6.1AI score0.00555EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40339

A vulnerability in the XML handling component of AOS-8 DHCP services could allow an unauthenticated remote attacker to trigger a denial-of-service condition. Successful exploitation could allow an attacker to cause excessive resource consumption upon user interaction, leading to service disruptio...

5.3CVSS5.8AI score0.00263EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.11 views

PT-2026-40338

A vulnerability in the configuration processing logic of Access Points running AOS-10 could allow an authenticated remote attacker to execute system commands under certain pre-existing conditions. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying...

7.2CVSS6.1AI score0.00616EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.13 views

PT-2026-40336

A vulnerability in the web-based management interface of Access Points running AOS-10 and AOS-8 Instant could allow an unauthenticated remote attacker to execute arbitrary JavaScript code in a victim's browser within the same local network. Successful exploitation could allow an attacker to...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.15 views

PT-2026-40340

A vulnerability in the command line interface of Access Points running AOS-10 could allow an authenticated remote attacker to perform command injection. Successful exploitation could allow an attacker to execute arbitrary commands on the underlying operating system. NOTE: This vulnerability only...

7.2CVSS6.2AI score0.00957EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/05/06 12:0 a.m.13 views

PT-2026-37466

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A Use-After-Free UAF issue exists in the ALSA OSS mixer layer. The mixer layer calls kcontrol operations individually, which may result in pending calls not being caught when a device is...

9.8CVSS5.7AI score0.03663EPSS
Exploits28References473
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

Tenable Nessus 后置链接漏洞

Tenable Nessus is a vulnerability scanning software developed by the American company Tenable. Tenable Nessus has a backlink vulnerability, which allows attackers to create connection points, enabling them to delete any file with SYSTEM privileges. This vulnerability could potentially be exploite...

8.6CVSS5.9AI score0.00146EPSS
Exploits0References1
Rows per page
Query Builder