Lucene search
K

192445 matches found

Vulnrichment
Vulnrichment
added 2026/03/09 7:2 a.m.4 views

CVE-2026-3808 Tenda FH1202 webtypelibrary formWebTypeLibrary stack-based overflow

A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...

9CVSS6.5AI score0.02551EPSS
Exploits1References5
NVD
NVD
added 2026/03/09 6:16 a.m.5 views

CVE-2026-3804

A security flaw has been discovered in Tenda i3 1.0.0.62204. This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit...

9CVSS0.00654EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/09 5:32 a.m.2 views

CVE-2026-3804 Tenda i3 WifiMacFilterSet formWifiMacFilterSet stack-based overflow

A security flaw has been discovered in Tenda i3 1.0.0.62204. This vulnerability affects the function formWifiMacFilterSet of the file /goform/WifiMacFilterSet. The manipulation of the argument index results in stack-based buffer overflow. It is possible to launch the attack remotely. The exploit...

9CVSS6.3AI score0.00654EPSS
Exploits1References5
OSV
OSV
added 2026/03/09 5:15 a.m.4 views

CVE-2026-3802

A vulnerability was determined in Tenda i3 1.0.0.62204. Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been...

8.8CVSS6.4AI score0.00632EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/09 4:32 a.m.27 views

CVE-2026-3802 Tenda i3 exeCommand formexeCommand stack-based overflow

A vulnerability was determined in Tenda i3 1.0.0.62204. Affected by this issue is the function formexeCommand of the file /goform/exeCommand. Executing a manipulation of the argument cmdinput can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been...

9CVSS0.00632EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/09 3:38 a.m.31 views

CVE-2026-3822 Taipower|Taipower APP(Android) - Improper Certificate Validation

Taipower APP for Andorid developed by Taipower has an Improper Certificate Validation vulnerability. When establishing an HTTPS connection with the server, the application fails to verify the server-side TLS/SSL certificate. This flaw allows an unauthenticated remote attackers to exploit the...

8.3CVSS0.00152EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/09 3:30 a.m.5 views

EUVD-2026-10284

A vulnerability was identified in doramart DoraCMS 3.0.x. This issue affects some unknown processing of the file /api/v1/mail/send of the component Email API. Such manipulation leads to improper authentication. It is possible to launch the attack remotely. The exploit is publicly available and...

7.5CVSS5.4AI score0.00653EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/09 3:2 a.m.3 views

CVE-2026-3798 Comfast CF-AC100 Request Path mbox-config sub_44AC14 command injection

A vulnerability was detected in Comfast CF-AC100 2.6.0.8. This affects the function sub44AC14 of the file /cgi-bin/mbox-config?method=SET&section=pingconfig of the component Request Path Handler. The manipulation results in command injection. The attack may be launched remotely. The exploit is no...

5.8CVSS5.6AI score0.13485EPSS
Exploits1References4
RedhatCVE
RedhatCVE
added 2026/03/09 1:42 a.m.5 views

CVE-2026-3679

A vulnerability was identified in Tenda FH451 1.0.0.9. Affected by this vulnerability is the function formQuickIndex of the file /goform/QuickIndex. Such manipulation of the argument mitlinktype/PPPOEPassword leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

9CVSS8AI score0.00594EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/03/09 1:32 a.m.4 views

CVE-2026-3793

A vulnerability was determined in SourceCodester Sales and Inventory System 1.0. This vulnerability affects unknown code of the file salesinvoice1.php of the component GET Parameter Handler. This manipulation of the argument sellid causes sql injection. It is possible to initiate the attack...

6.5CVSS6.5AI score0.00368EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/03/09 12:30 a.m.4 views

EUVD-2026-10276

A security flaw has been discovered in EasyCMS up to 1.6. The impacted element is an unknown function of the file /RbacuserAction.class.php of the component Request Parameter Handler. The manipulation of the argument order results in sql injection. The attack can be launched remotely. The exploit...

8.8CVSS6.4AI score0.00276EPSS
Exploits2References5
EUVD
EUVD
added 2026/03/09 12:30 a.m.8 views

EUVD-2026-10274

A vulnerability has been found in SourceCodester/janobe Resort Reservation System 1.0. This vulnerability affects unknown code of the file /accomodation.php. Such manipulation of the argument q leads to sql injection. The attack may be performed from remote. The exploit has been disclosed to the...

8.8CVSS5.7AI score0.00295EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.9 views

PT-2026-24053

Name of the Vulnerable Software and Affected Versions UTT HiPER 810G versions up to 1.7.7-1711 Description A security flaw exists in UTT HiPER 810G up to version 1.7.7-1711. The issue is related to a buffer overflow in the strcpy function located in the /goform/getOneApConfTempEntry file. Remote...

9CVSS7.5AI score0.00772EPSS
Exploits1References10
CNVD
CNVD
added 2026/03/09 12:0 a.m.5 views

Apache Airflow Log Message Disclosure Vulnerability

Apache Airflow is the United States Apache Apache Foundation's set of open source platform with the creation, management and monitoring of workflow functions. The platform is scalable and dynamic monitoring and other features. Apache Airflow has a log information disclosure vulnerability. An...

6.5CVSS5.8AI score0.00363EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/03/09 12:0 a.m.2 views

SoK: Harmonizing Attack Graphs and Intrusion Detection Systems

Detecting and responding to cyber attacks is increasingly difficult as high-volume, complex network traffic allows threats to remain concealed. While Intrusion Detection Systems IDSs identify anomalous behavior, Attack Graphs AGs serve as the primary threat model for analyzing attacker strategies...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.12 views

Taipower APP 信任管理问题漏洞

Taipower APP is an application developed by Taipower Company in Taiwan, China, used for handling electricity-related services. The Taipower APP has a vulnerability related to trust management, which stems from improper certificate verification. This vulnerability may lead to man-in-the-middle...

8.3CVSS5.8AI score0.00152EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/09 12:0 a.m.8 views

Atop EHG2408 安全漏洞

Atop EHG2408 is a series of Ethernet switches produced by the Chinese company Atop. There is a security vulnerability present in Atop EHG2408; this vulnerability stems from improper input validation in the nr modem, which can lead to system crashes and may allow for remote denial-of-service attac...

9.8CVSS5.8AI score0.00679EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/03/09 12:0 a.m.5 views

SlowBA: An Efficiency Backdoor Attack Towards VLM-Based GUI Agents

Modern vision-language-model VLM based graphical user interface GUI agents are expected not only to execute actions accurately but also to respond to user instructions with low latency. While existing research on GUI-agent security mainly focuses on manipulating action correctness, the security...

5.8AI score
Exploits0
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.5 views

PT-2026-24109

A security vulnerability has been detected in open-webui up to 0.6.16. Affected is an unknown function of the file backend/start windows.bat of the component JWT Key Handler. Such manipulation of the argument WEBUI SECRET KEY leads to insufficiently random values. It is possible to launch the...

6.3CVSS5.3AI score0.00289EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/09 12:0 a.m.5 views

PT-2026-24025

A low-privileged remote attacker can exploit the ubr-logread method in wwwubr.cgi to read arbitrary files on the system. The endpoint accepts a parameter specifying the log file to open e.g., /tmp/weblogsome number, but this parameter is not properly validated, allowing an attacker to modify it t...

6.5CVSS5.9AI score0.00498EPSS
Exploits0References2
Rows per page
Query Builder