Lucene search
K

1279 matches found

NVD
NVD
added 2026/03/10 9:16 p.m.6 views

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS0.00073EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/10 8:46 p.m.4 views

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

5.9AI score0.00073EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/10 8:46 p.m.3 views

CVE-2026-0123

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS5.9AI score0.00073EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/03/10 12:0 a.m.14 views

PT-2026-24452

In EfwApTransport::ProcessRxRing of efw ap transport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS5.9AI score0.00073EPSS
Exploits0References3
EUVD
EUVD
added 2026/03/09 6:31 p.m.6 views

EUVD-2025-208431

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

8.5CVSS6.3AI score0.01441EPSS
Exploits0References5
EUVD
EUVD
added 2026/03/09 6:31 p.m.4 views

EUVD-2025-208430

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

8.5CVSS6.3AI score0.01441EPSS
Exploits0References5
NVD
NVD
added 2026/03/09 5:16 p.m.6 views

CVE-2025-15568

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

8.5CVSS0.01441EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/03/09 4:19 p.m.32 views

CVE-2025-15568 Command Injection Vulnerability on TP-Link Archer AXE75

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

8.5CVSS0.01441EPSS
Exploits0References4
Vulnrichment
Vulnrichment
added 2026/03/09 4:19 p.m.3 views

CVE-2025-15568 Command Injection Vulnerability on TP-Link Archer AXE75

A command injection vulnerability was identified in the web module of Archer AXE75 v1.6/v1.0 router. An authenticated attacker with adjacent-network access may be able to perform remote code execution RCE when the router is configured with sysmode=ap. Successful exploitation results in root-level...

8.5CVSS6.3AI score0.01441EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.6 views

PT-2026-24082

Name of the Vulnerable Software and Affected Versions Archer AXE75 versions 1.0 through 1.3.2 Build 20250107 Description A command injection issue exists in the web module of the Archer AXE75 router. An authenticated attacker with adjacent-network access may be able to execute remote code RCE whe...

8.5CVSS6.1AI score0.01441EPSS
Exploits0References8
OSV
OSV
added 2026/03/01 12:0 a.m.13 views

PUB-A-430693465

In EfwApTransport::ProcessRxRing of efwaptransport.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

8.4CVSS6.1AI score0.00073EPSS
Exploits0References1
CVE
CVE
added 2026/02/23 9:2 a.m.22 views

CVE-2026-2981

CVE-2026-2981 affects UTT HiPER 810G versions up to 1.7.7-1711. The vulnerability is a buffer overflow in strcpy in /goform/formTaskEdit_ap caused by manipulating the txtMin2 argument, enabling remote exploitation. The exploit is public. Remediation: update to a fixed version (versions beyond 1.7...

9CVSS8.5AI score0.00677EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/08 1:32 a.m.3 views

CVE-2026-2129 D-Link DIR-823X set_ac_status os command injection

A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...

8.6CVSS6.8AI score0.04317EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/08 1:32 a.m.43 views

CVE-2026-2129 D-Link DIR-823X set_ac_status os command injection

A vulnerability was found in D-Link DIR-823X 250416. Affected by this issue is some unknown functionality of the file /goform/setacstatus. Performing a manipulation of the argument acipaddr/acipstatus/aprandtime results in os command injection. The attack may be initiated remotely. The exploit ha...

8.6CVSS0.04317EPSS
Exploits1References5
CNNVD
CNNVD
added 2026/02/08 12:0 a.m.6 views

D-Link DIR-823X 操作系统命令注入漏洞

The D-Link DIR-823X is a wireless router produced by D-Link Corporation. The D-Link DIR-823X 250416 version has a vulnerability related to operating system command injection. This vulnerability stems from incorrect operations on parameters such as acipaddr, acipstatus, and aprandtime in the...

8.6CVSS7.1AI score0.04317EPSS
Exploits1References6
EUVD
EUVD
added 2026/02/04 11:15 p.m.6 views

EUVD-2019-19385

Alps Pointing-device Controller 8.1202.1711.04 contains an unquoted service path vulnerability in the ApHidMonitorService that allows local attackers to execute code with elevated privileges. Attackers can place a malicious executable in the service path and gain system-level access when the...

8.5CVSS5.8AI score0.00161EPSS
Exploits0References3
OSV
OSV
added 2026/02/04 1:57 p.m.12 views

CLSA-2026-1770213436 Update of microcode_ctl

Update Intel CPU microcode to 20251111: - Addition of cpuid:806F8/0x10 SPR-HBM B3 microcode in microcode.dat at revision 0x2c000410; - Addition of cpuid:806F8/0x87 SPR-SP E5/S3 microcode in microcode.dat at revision 0x2b000650; - Addition of cpuid:90672/0x07 ADL-HX/S 8+8 C0 microcode in...

5.7AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/04 3:15 a.m.4 views

CVE-2025-58345

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/apcertif11axmode write operation, leading to...

5.5CVSS5.6AI score0.00107EPSS
Exploits0References1
NVD
NVD
added 2026/02/03 6:16 p.m.7 views

CVE-2025-58345

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/apcertif11axmode write operation, leading to...

5.5CVSS0.00107EPSS
Exploits0References2
NVD
NVD
added 2026/02/03 6:16 p.m.5 views

CVE-2025-58341

An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/apcertdisablehtvht write operation, leading to...

6.2CVSS0.00152EPSS
Exploits0References2
Rows per page
Query Builder