Lucene search
K

4664 matches found

Vulnrichment
Vulnrichment
added 2026/04/22 7:7 a.m.5 views

CVE-2026-6022 Uncontrolled Resource Consumption Vulnerability in Telerik UI for ASP.NET AJAX

In Progress® Telerik® UI for AJAX prior to 2026.1.421, RadAsyncUpload contains an uncontrolled resource consumption vulnerability that allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, leading to disk space exhaustion...

7.5CVSS5.8AI score0.00288EPSS
Exploits0References1
CVE
CVE
added 2026/04/22 7:7 a.m.20 views

CVE-2026-6022

CVE-2026-6022 affects Progress Telerik UI for ASP.NET AJAX (RadAsyncUpload). Before 2026.1.421, RadAsyncUpload allows file uploads to exceed the configured maximum size due to missing cumulative size enforcement during chunk reassembly, causing disk space exhaustion. Affected: RadAsyncUpload in T...

7.5CVSS5.8AI score0.00288EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/04/21 7:20 p.m.72 views

CVE-2026-40372

ASP.NET Core has a elevation-of-privilege vulnerability (CVE-2026-40372) due to improper verification of a cryptographic signature. The issue affects ASP.NET Core components where signature verification is required, enabling a remote attacker to elevate privileges over a network without user inte...

9.1CVSS5.8AI score0.11205EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2026/04/21 12:0 a.m.4 views

UBUNTU-CVE-2026-40372

Improper verification of cryptographic signature in ASP.NET Core allows an unauthorized attacker to elevate privileges over a network...

9.1CVSS5.6AI score0.11205EPSS
Exploits0References7
Packet Storm
Packet Storm
added 2026/04/21 12:0 a.m.143 views

📄 ASP.net 8.0.10 Core Kestrel HTTP Request Smuggling

This Metasploit auxiliary module targets a critical HTTP request smuggling vulnerability in ASP.NET Core Kestrel caused by improper parsing of malformed chunked transfer encoding notably LF-only line handling and case-variant headers like chUnKEd...

9.9CVSS5.8AI score0.65838EPSS
Exploits5
RedhatCVE
RedhatCVE
added 2026/04/20 7:22 p.m.7 views

CVE-2026-6560

A security vulnerability has been detected in H3C Magic B0 up to 100R002. This vulnerability affects the function EditBasicSSID of the file /goform/aspForm. Such manipulation of the argument param leads to buffer overflow. The attack can be executed remotely. The exploit has been disclosed public...

9CVSS7.8AI score0.00481EPSS
Exploits0References1
NVD
NVD
added 2026/04/19 11:16 p.m.14 views

CVE-2026-6581

A vulnerability was detected in H3C Magic B1 up to 100R004. Affected by this vulnerability is the function SetMobileAPInfoById of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now...

9CVSS0.00445EPSS
Exploits0References4
EUVD
EUVD
added 2026/04/19 9:30 a.m.5 views

EUVD-2026-23690

A vulnerability has been found in H3C Magic B1 up to 100R004. The affected element is the function SetAPWifiorLedInfoById of the file /goform/aspForm. The manipulation of the argument param leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to...

9CVSS7.7AI score0.00481EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/19 12:0 a.m.10 views

H3C Magic B0 安全漏洞

H3C Magic B0 is a small wireless router produced by H3C Corporation. Versions of H3C Magic B0 including the 100R002 model had security vulnerabilities. These vulnerabilities stemmed from improper handling of parameters in the file/goform/aspForm, which could lead to buffer overflows...

9CVSS7.5AI score0.00481EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/19 12:0 a.m.6 views

PT-2026-37048

Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1 Description A buffer overflow can be triggered remotely via the POST Parameter Handler component. The issue exists within the url rule asp function of the '/url rule.asp' endpoint. Recommendations At the momen...

10CVSS7.5AI score0.0586EPSS
Exploits1References16
CNNVD
CNNVD
added 2026/04/17 12:0 a.m.10 views

DNN 安全漏洞

DNN also known as DotNetNuke is an open-source content management system CMS developed by the American company DNN, supported by Microsoft and based on the ASP.NET platform. This system features easy installation, scalability, and rich functionality. Versions of DNN prior to 10.2.2 contained...

8CVSS5.7AI score0.07598EPSS
Exploits0References2
CNVD
CNVD
added 2026/04/16 12:0 a.m.4 views

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17632)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability caused by incorrect boundary checking in the tggl.asp script, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.1AI score0.00516EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.9 views

CVE-2025-50647

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1, specifically in the handling of the wans parameter in the qos.asp endpoint...

7.5CVSS6AI score0.00516EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/10 7:22 p.m.4 views

CVE-2025-50648

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to inadequate input validation in the /tggl.asp endpoint...

7.5CVSS6AI score0.00516EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/04/10 1:22 a.m.9 views

CVE-2025-45058

D-Link DI-8300 v16.07.26A1 was discovered to contain a buffer overflow via the fx parameter in the jingxasp function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...

7.5CVSS6.2AI score0.00395EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/08 9:33 p.m.7 views

EUVD-2025-209325

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to insufficient input validation on the name parameter in the /qostypeasp.asp endpoint...

6.2AI score0.00516EPSS
Exploits0References3
EUVD
EUVD
added 2026/04/08 9:33 p.m.11 views

EUVD-2025-209337

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thdgroup.asp endpoint...

6.2AI score0.00516EPSS
Exploits0References3
NVD
NVD
added 2026/04/08 7:24 p.m.9 views

CVE-2025-50673

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the httplanport parameter in the /webgl.asp endpoint...

7.5CVSS0.00408EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 7:24 p.m.4 views

CVE-2025-50672

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /yyxzdlink.asp endpoint...

7.5CVSS0.00412EPSS
Exploits0References2
NVD
NVD
added 2026/04/08 7:24 p.m.5 views

CVE-2025-50660

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlmember.asp endpoint...

7.5CVSS0.00516EPSS
Exploits0References3
Rows per page
Query Builder