6597 matches found

Positive Technologies
added 2025/05/01 12:0 a.m. · 11 views

PT-2025-18524 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the nvmet auth set key function. This issue occurs when changing dhchap secrets, and it fails to release th...

8.8 CVSS · 7.4 AI score · 0.0129 EPSS
Exploits: 2 · References: 427

OSSF Malicious Packages
added 2025/04/28 6:41 a.m. · 0 views

Malicious code in auth-help3r (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 4fcb399ae4d0f936194424a6a54364f75f3fc4728a9bcb599e3ac9082a380c46 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

6.9 AI score
Exploits: 0 · References: 1

RedhatCVE
added 2025/04/26 5:26 a.m. · 6 views

CVE-2025-28035

TOTOLINK A830R V4.1.2cu.5182B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

9.8 CVSS · 7.4 AI score · 0.01052 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/04/26 5:16 a.m. · 15 views

CVE-2025-28033

TOTOLINK A800R V4.1.2cu.5137B20200730, A810R V4.1.2cu.5182B20201026, A830R V4.1.2cu.5182B20201102, A950RG V4.1.2cu.5161B20200903, A3000RU V5.9c.5185B20201128, and A3100R V4.1.2cu.5247B20211129 were found to contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the...

7.3 CVSS · 7.6 AI score · 0.00331 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/04/26 5:13 a.m. · 9 views

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

9.8 CVSS · 7.4 AI score · 0.00919 EPSS
Exploits: 1 · References: 1

RedhatCVE
added 2025/04/26 5:9 a.m. · 20 views

CVE-2025-28036

TOTOLINK A950RG V4.1.2cu.5161B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

9.8 CVSS · 7.4 AI score · 0.01052 EPSS
Exploits: 1 · References: 1

vulnersOsv
added 2025/04/25 3:14 p.m. · 9 views

@cedarjs/api-server (>=0.0.4 <=9.0.0-canary.1784), @cedarjs/cli (>=0.0.4 <=9.0.0-canary.1784) +65 more potentially affected by unknown CVE via @escape.tech/graphql-armor-cost-limit (>=1.7.0 <=2.4.1)

@escape.tech/graphql-armor-cost-limit NPM version =1.7.0, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.0.4, =0.9.1-next.19, =0.0.4, =0.0.4, =0.0.2, =1.0.6, =2.0.6, =2.2.2, =2.19.6 and more Source cves: unknown CVE Source advisory: OSV:GHSA-733V-P3H5-QPQ7...

5.8 AI score
Exploits: 0

NVD
added 2025/04/22 6:15 p.m. · 32 views

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

9.8 CVSS · 0.00919 EPSS
Exploits: 1 · References: 1

NVD
added 2025/04/22 6:15 p.m. · 8 views

CVE-2025-28035

TOTOLINK A830R V4.1.2cu.5182B20201102 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

9.8 CVSS · 0.01052 EPSS
Exploits: 1 · References: 2

NVD
added 2025/04/22 6:15 p.m. · 9 views

CVE-2025-28036

TOTOLINK A950RG V4.1.2cu.5161B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

9.8 CVSS · 0.01052 EPSS
Exploits: 1 · References: 2

NVD
added 2025/04/22 6:15 p.m. · 26 views

CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...

9.8 CVSS · 0.00919 EPSS
Exploits: 1 · References: 1

OSV
added 2025/04/22 6:15 p.m. · 3 views

CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...

9.8 CVSS · 5.9 AI score
Exploits: 0 · References: 1

NVD
added 2025/04/22 2:15 p.m. · 16 views

CVE-2025-28032

TOTOLINK A800R V4.1.2cu.5137B20200730, A810R V4.1.2cu.5182B20201026, A830R V4.1.2cu.5182B20201102, A950RG V4.1.2cu.5161B20200903, A3000RU V5.9c.5185B20201128, and A3100R V4.1.2cu.5247B20211129 contain a pre-auth buffer overflow vulnerability in the setNoticeCfg function through the IpForm paramet...

7.3 CVSS · 0.00277 EPSS
Exploits: 1 · References: 1

Cvelist
added 2025/04/22 12:0 a.m. · 10 views

CVE-2025-28036

TOTOLINK A950RG V4.1.2cu.5161B20200903 was found to contain a pre-auth remote command execution vulnerability in the setNoticeCfg function through the NoticeUrl parameter...

0.01052 EPSS
Exploits: 1 · References: 1

CVE
added 2025/04/22 12:0 a.m. · 61 views

CVE-2025-28033

TOTOLINK A800R, A810R, A830R, A950RG, A3000RU, and A3100R are affected by a pre-auth buffer overflow in the setNoticeCfg function via the IpTo parameter. Affected firmware versions are: A800R 4.1.2cu.5137_B20200730; A810R 4.1.2cu.5182_B20201026; A830R 4.1.2cu.5182_B20201102; A950RG 4.1.2cu.5161_B...

7.3 CVSS · 7.6 AI score · 0.00331 EPSS
Exploits: 1 · References: 2 · Affected Software: 1

Cvelist
added 2025/04/22 12:0 a.m. · 14 views

CVE-2025-28039

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter...

0.00919 EPSS
Exploits: 1 · References: 1

Positive Technologies
added 2025/04/22 12:0 a.m. · 5 views

PT-2025-17542 · Totolink · Totolink A3100R +5

Name of the Vulnerable Software and Affected Versions: TOTOLINK A800R version 4.1.2cu.5137 B20200730 TOTOLINK A810R version 4.1.2cu.5182 B20201026 TOTOLINK A830R version 4.1.2cu.5182 B20201102 TOTOLINK A950RG version 4.1.2cu.5161 B20200903 TOTOLINK A3000RU version 5.9c.5185 B20201128 TOTOLINK...

7.3 CVSS · 6.6 AI score · 0.00331 EPSS
Exploits: 1 · References: 7

Positive Technologies
added 2025/04/22 12:0 a.m. · 5 views

PT-2025-17572 · Totolink · Totolink Ex1200T

Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200T version 4.1.2cu.5232 B20210713 Description: The issue concerns a pre-auth remote command execution vulnerability in the setUpgradeFW function through the FileName parameter. This allows for remote command execution without...

9.8 CVSS · 6.5 AI score · 0.00919 EPSS
Exploits: 1 · References: 8

Vulnrichment
added 2025/04/22 12:0 a.m. · 8 views

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

7.3 AI score · 0.00919 EPSS
Exploits: 1 · References: 1

Cvelist
added 2025/04/22 12:0 a.m. · 24 views

CVE-2025-28038

TOTOLINK EX1200T V4.1.2cu.5232B20210713 was found to contain a pre-auth remote command execution vulnerability in the setWebWlanIdx function through the webWlanIdx parameter...

0.00919 EPSS
Exploits: 1 · References: 1