Lucene search
+L

1282 matches found

nuclei
nuclei
added 9 hours ago256 views

PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection

A SQL injection vulnerability in the productalloneimg and imageproduct parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data. id: CVE-2022-22897 info: name: PrestaShop AP Pagebuilder = 2.4.4 - SQL Injection...

9.8CVSS7AI score0.10814EPSS
Exploits3References3
nuclei
nuclei
added 9 hours ago70 views

AP Pricing Tables Lite <= 1.1.6 - SQL Injection

The plugin does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high-privilege users such as admins. id: CVE-2023-0900 info: name: AP Pricing Tables Lite = 1.1.6 - SQL Injection author: r3Y3r53 severity: high description: ...

7.2CVSS7AI score0.03229EPSS
Exploits2References3
nuclei
nuclei
added 9 hours ago169 views

ZyXel USG - Hardcoded Credentials

A hardcoded credential vulnerability was identified in the 'zyfwp' user account in some Zyxel firewalls and AP controllers. The account was designed to deliver automatic firmware updates to connected access points through FTP. id: CVE-2020-29583 info: name: ZyXel USG - Hardcoded Credentials autho...

10CVSS7.1AI score0.90049EPSS
Exploits2References5
nuclei
nuclei
added 9 hours ago99 views

Wavlink Multiple AP - Remote Command Injection

Wavlink products are affected by a vulnerability that may allow remote unauthenticated users to execute arbitrary commands as root on Wavlink devices. The user input is not properly sanitized which allows command injection via the "key" parameter in a login request. It has been tested on Wavlink...

10CVSS7.2AI score0.68794EPSS
Exploits1References5
susecve
susecve
added 2026/06/28 1:8 a.m.7 views

SUSE CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00114EPSS
Exploits0References3
nessus
nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing...

5.5CVSS6.2AI score0.00114EPSS
Exploits0References4
nessus
nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53116

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - s390/ap: use generic driveroverride infrastructure When the AP masks are updated via apmaskstore or aqmaskstore, apbusrevisebindings is called after apattrmutex...

5.9AI score0.00145EPSS
Exploits0References3
euvd
euvd
added 2026/06/26 7:41 p.m.7 views

EUVD-2026-39852

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00114EPSS
Exploits0References4
cve
cve
added 2026/06/26 7:41 p.m.14 views

CVE-2026-53317

CVE-2026-53317 concerns the Linux kernel wifi driver stack (mt76/mt7921). A station AID value greater than 20 could trigger a firmware crash on AP interfaces (IFTYPE_AP) when a modified hostapd allocates AIDs starting at a high value (65 in testing). The issue is mitigated by a fix that imposes a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4Affected Software1
ptsecurity
ptsecurity
added 2026/06/26 12:0 a.m.12 views

PT-2026-52956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A firmware crash occurs in the mt7921 wifi driver when a station is configured with an Association Identifier AID greater than 20. This issue specifically affects IFTYPE AP interfaces an...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References18
nvd
nvd
added 2026/06/25 9:16 p.m.6 views

CVE-2026-37452

Insecure Permissions vulnerability in MSI NBFoundation Service v.2.0.2506.1201 allows a remote attacker to obtain sensitive information via the MSIAPService.exe component...

7.5CVSS0.00398EPSS
Exploits1References2
redhatcve
redhatcve
added 2026/06/25 6:1 p.m.5 views

CVE-2026-53116

A flaw was found in the Linux kernel's s390/ap driver. A race condition occurs when AP masks are updated, leading to aprevisereserved accessing the driveroverride field without proper locking. This can result in a Use-After-Free UAF vulnerability, where memory is accessed after it has been freed...

5.5CVSS5.9AI score0.00145EPSS
Exploits0References4
nvd
nvd
added 2026/06/24 5:17 p.m.9 views

CVE-2026-53116

In the Linux kernel, the following vulnerability has been resolved: s390/ap: use generic driveroverride infrastructure When the AP masks are updated via apmaskstore or aqmaskstore, apbusrevisebindings is called after apattrmutex has been released. This calls aprevisereserved, which accesses the...

0.00145EPSS
Exploits0References2
osv
osv
added 2026/06/24 4:30 p.m.3 views

CVE-2026-53116 s390/ap: use generic driver_override infrastructure

In the Linux kernel, the following vulnerability has been resolved: s390/ap: use generic driveroverride infrastructure When the AP masks are updated via apmaskstore or aqmaskstore, apbusrevisebindings is called after apattrmutex has been released. This calls aprevisereserved, which accesses the...

5.8AI score0.00145EPSS
Exploits0References5
attackerkb
attackerkb
added 2026/06/24 4:30 p.m.6 views

CVE-2026-53116

In the Linux kernel, the following vulnerability has been resolved: s390/ap: use generic driveroverride infrastructure When the AP masks are updated via apmaskstore or aqmaskstore, apbusrevisebindings is called after apattrmutex has been released. This calls aprevisereserved, which accesses the...

5.7AI score0.00145EPSS
Exploits0References3Affected Software1
euvd
euvd
added 2026/06/24 4:30 p.m.6 views

EUVD-2026-38984

In the Linux kernel, the following vulnerability has been resolved: s390/ap: use generic driveroverride infrastructure When the AP masks are updated via apmaskstore or aqmaskstore, apbusrevisebindings is called after apattrmutex has been released. This calls aprevisereserved, which accesses the...

5.7AI score0.00145EPSS
Exploits0References2
cve
cve
added 2026/06/24 4:30 p.m.15 views

CVE-2026-53116

CVE-2026-53116 affects the Linux kernel s390/ap subsystem. The vulnerability arises when AP masks are updated via apmask_store() or aqmask_store(): ap_bus_revise_bindings() runs after ap_attr_mutex is released and __ap_revise_reserved() accesses driver_override without a lock, racing with driver_...

5.7AI score0.00145EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2026/06/10 12:26 a.m.9 views

CVE-2026-45160 ESF-IDF: Out-of-bounds Read in lwIP DHCP Server Option Parser

ESF-IDF is the Espressif Internet of Things IOT Development Framework. In versions 5.2.7, 5.3.5, 5.4.4, 5.5.4, and 6.0.1, an out-of-bounds read flaw exists in the DHCP server option parser parseoptions in components/lwip/apps/dhcpserver/dhcpserver.c shipped with ESP-IDF's lwIP component. The pars...

6.5CVSS5.6AI score0.00246EPSS
Exploits0References7
githubexploit
githubexploit
added 2026/06/06 7:25 a.m.112 views

Exploit for Heap-based Buffer Overflow in Mediatek Mt6890_Firmware

CVE-2026-20452 — MediaTek WLAN AP Heap Overflow PoC Proof of...

8CVSS5.8AI score0.00435EPSS
Exploits1
redhatcve
redhatcve
added 2026/06/05 7:43 p.m.11 views

CVE-2026-8264

A weakness has been identified in Tenda AC6 15.03.06.23. Affected by this vulnerability is the function formWifiApScan of the file /goform/WifiApScan of the component httpd. Executing a manipulation of the argument wl2g.public.country/wl5g.public.country can lead to os command injection. It is...

8.8CVSS6.3AI score0.02891EPSS
Exploits1References1
Rows per page
Query Builder