Lucene search
K

192444 matches found

Vulnrichment
Vulnrichment
added 2026/02/08 12:32 p.m.5 views

CVE-2026-2152 D-Link DIR-615 Web Configuration adv_routing.php os command injection

A vulnerability was found in D-Link DIR-615 4.10. This vulnerability affects unknown code of the file advrouting.php of the component Web Configuration Interface. Performing a manipulation of the argument destip/ submask/ gw results in os command injection. The attack may be initiated remotely. T...

8.6CVSS5.3AI score0.04545EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/08 10:32 a.m.7 views

CVE-2026-2148

A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has bee...

6.9CVSS5.5AI score0.00544EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/02/08 10:32 a.m.4 views

CVE-2026-2148 Tenda AC21 Web Management DownloadFlash information disclosure

A security vulnerability has been detected in Tenda AC21 16.03.08.16. Affected is an unknown function of the file /cgi-bin/DownloadFlash of the component Web Management Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has bee...

6.9CVSS5.4AI score0.00544EPSS
Exploits1References5
CVE
CVE
added 2026/02/08 10:32 a.m.17 views

CVE-2026-2148

CVE-2026-2148 affects the Tenda AC21 Web Management Interface, specifically the unknown function in file /cgi-bin/DownloadFlash. The issue allows remote information disclosure through manipulation of that function. Multiple sources confirm the device is vulnerable on version 16.03.08.16, with the...

7.5CVSS5.5AI score0.00544EPSS
Exploits1References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/08 10:2 a.m.5 views

CVE-2026-2147

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS5.5AI score0.00521EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/02/08 10:2 a.m.8 views

EUVD-2026-5802

A weakness has been identified in Tenda AC21 16.03.08.16. This impacts an unknown function of the file /cgi-bin/DownloadLog of the component Web Management Interface. Executing a manipulation can lead to information disclosure. The attack may be performed from remote. The exploit has been made...

6.9CVSS5.4AI score0.00521EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/08 8:32 a.m.4 views

CVE-2026-2143

A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/setddns of the component DDNS Service. The manipulation of the argument ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd leads to os command injection. The attack is...

8.6CVSS6.7AI score0.04317EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/02/08 5:32 a.m.16 views

CVE-2026-2137

This CVE refers to a buffer overflow in Tenda TX3 (up to version 16.03.13.11_multi) involving the /goform/SetIpMacBind function. The vulnerability arises from manipulation of the argument list, enabling a remotely initiated attack. Public disclosure of the exploit is indicated. Affected product i...

9CVSS8.5AI score0.00733EPSS
Exploits1References6Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/08 4:2 a.m.11 views

CVE-2026-2134

A security vulnerability has been detected in PHPGurukul Hospital Management System 4.0. The affected element is an unknown function of the file /hms/admin/manage-doctors.php. Such manipulation of the argument ID leads to sql injection. The attack may be performed from remote. The exploit has bee...

5.8CVSS5.1AI score0.00306EPSS
Exploits1References5Affected Software1
NVD
NVD
added 2026/02/08 2:15 a.m.10 views

CVE-2026-2205

A vulnerability was identified in WeKan up to 8.20. This affects an unknown part of the file server/publications/cards.js of the component Meteor Publication Handler. Such manipulation leads to information disclosure. The attack may be performed from remote. Upgrading to version 8.21 is able to...

5.3CVSS0.00235EPSS
Exploits0References6
OSV
OSV
added 2026/02/08 2:15 a.m.6 views

CVE-2026-2206

A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...

8.8CVSS6.1AI score
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/02/08 1:21 a.m.6 views

CVE-2020-37107

Core FTP LE 2.2 contains a denial of service vulnerability that allows attackers to crash the application by overwriting the account field with a large buffer. Attackers can create a text file with 20,000 repeated characters and paste it into the account field to cause the application to become...

7.5CVSS5.3AI score0.00373EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/08 1:21 a.m.7 views

CVE-2025-68621

Trilium Notes is an open-source, cross-platform hierarchical note taking application with focus on building large personal knowledge bases. Prior to 0.101.0, a critical timing attack vulnerability in Trilium's sync authentication endpoint allows unauthenticated remote attackers to recover HMAC...

7.4CVSS5.5AI score0.00509EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/02/08 1:21 a.m.5 views

CVE-2026-2067

A security vulnerability has been detected in UTT 进取 520W 1.7.7-180627. This vulnerability affects the function strcpy of the file /goform/formTimeGroupConfig. The manipulation of the argument year1 leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed...

9CVSS8.5AI score0.00837EPSS
Exploits1References1
OSV
OSV
added 2026/02/08 1:16 a.m.4 views

CVE-2026-2122

A security flaw has been discovered in Xiaopi Panel up to 20260126. This impacts an unknown function of the file /demo.php of the component WAF Firewall. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been released to the public...

9.8CVSS5.6AI score0.00267EPSS
Exploits0References4
CVE
CVE
added 2026/02/08 1:9 a.m.12 views

CVE-2026-2208

WeKan up to version 8.20 contains a vulnerability in the Rules Handler, specifically an unknown function within server/publications/rules.js that allows missing authorization. The issue can be exploited remotely, enabling an attacker to access without proper authorization. It is mitigated by upda...

6.5CVSS4.6AI score0.00244EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2026/02/08 1:9 a.m.30 views

CVE-2026-2207 WeKan Activity Publication activities.js LinkedBoardActivitiesBleed information disclosure

A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...

6.9CVSS0.00342EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:9 a.m.8 views

CVE-2026-2207

A weakness has been identified in WeKan up to 8.20. This issue affects some unknown processing of the file server/publications/activities.js of the component Activity Publication Handler. Executing a manipulation can lead to information disclosure. It is possible to launch the attack remotely...

6.9CVSS5.3AI score0.00342EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/02/08 1:9 a.m.8 views

CVE-2026-2206

A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...

6.5CVSS6.1AI score0.00239EPSS
Exploits0References7
EUVD
EUVD
added 2026/02/08 1:9 a.m.20 views

EUVD-2026-5823

A security flaw has been discovered in WeKan up to 8.20. This vulnerability affects unknown code of the file server/methods/fixDuplicateLists.js of the component Administrative Repair Handler. Performing a manipulation results in improper access controls. It is possible to initiate the attack...

8.8CVSS6.1AI score0.00239EPSS
Exploits0References6
Rows per page
Query Builder