Lucene search
K

35 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

Tenda W15E 安全漏洞

The Tenda W15E is a wireless router produced by the Chinese company Tenda. The version 15.11.0.10 of the Tenda W15E contains a security vulnerability. This vulnerability stems from a buffer overflow in the webAuthUserPwd parameter within the formModifyWebAuthUser function, which could allow...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
OSV
OSV
added 2026/03/18 6:16 p.m.10 views

UBUNTU-CVE-2026-32633

Glances is an open-source system cross-platform monitoring tool. Prior to version 4.5.2, in Central Browser mode, the /api/4/serverslist endpoint returns raw server objects from GlancesServersList.getserverslist. Those objects are mutated in-place during background polling and can contain a uri...

9.1CVSS5.8AI score0.00472EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/02/27 7:49 p.m.18 views

CVE-2026-27832 Group-Office Has Authenticated SQL Injection in advancedQueryData.comparator

Group-Office is an enterprise customer relationship management and groupware tool. Versions prior to 26.0.8, 25.0.87, and 6.8.153 have a SQL Injection SQLi vulnerability, exploitable through the advancedQueryData parameter comparator field on an authenticated endpoint. The endpoint...

7.1CVSS0.00244EPSS
Exploits0References1
CVE
CVE
added 2026/02/27 7:49 p.m.11 views

CVE-2026-27832

Group-Office (enterprise CRM/groupware) is affected by an authenticated SQL Injection in the advancedQueryData parameter (comparator) on index.php?r=email/template/emailSelection. Pre-fix versions 26.0.8, 25.0.87, and 6.8.153 process advancedQueryData with a weak allowlist, enabling blind boolean...

8.8CVSS6AI score0.00244EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-17925

Malware in sbrugna...

7.5CVSS7.9AI score0.01147EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2020-28019

Malware in sbrugna...

8.8CVSS8.6AI score0.01014EPSS
Exploits0References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2005-4128

Malware in sbrugna...

2.1CVSS6.4AI score0.00354EPSS
Exploits0References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-18210

Malicious code in bioql PyPI...

8.3CVSS6.7AI score0.00415EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/07/03 12:23 a.m.13 views

CVE-2025-52101

linjiashop =0.9 is vulnerable to Incorrect Access Control. When using the default-generated JWT authentication, attackers can bypass the authentication and retrieve the encrypted "password" and "salt". The password can then be obtained through brute-force cracking...

9.8CVSS7.7AI score0.00421EPSS
Exploits0References1
CVE
CVE
added 2025/06/09 6:0 a.m.53 views

CVE-2025-5864

The CVE-2025-5864 entry affects Tenda TDSEE App versions up to 1.7.12, targeting the file /app/ConfirmSmsCode in the Password Reset Confirmation Code Handler. The root cause is improper restriction of excessive authentication attempts, with the attack described as executable remotely and of high ...

6.3CVSS4.5AI score0.0042EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2025/05/22 3:41 p.m.6 views

CVE-2020-6877

A ZTE product is impacted by an information leak vulnerability. An attacker could use this vulnerability to obtain the authentication password of the handheld terminal and access the device illegally for operation. This affects: ZXA10 eODN V2.3P2T1...

8.8CVSS6.9AI score0.01014EPSS
Exploits0References1
Packet Storm News
Packet Storm News
added 2025/05/14 12:0 a.m.3 views

Triple-Identity Authentication: the Future of Secure Access

In a typical authentication process, the local system verifies the user's identity using a stored hash value generated by a cross-system hash algorithm. This article shifts the research focus from traditional password encryption to the establishment of gatekeeping mechanisms for effective...

7AI score
Exploits0
CNVD
CNVD
added 2024/07/12 12:0 a.m.3 views

D-Link DAP-2622 Stack Buffer Overflow Remote Code Execution Vulnerability (CNVD-2025-29682)

D-Link DAP-2622 is a wireless access point AP from AUO D-Link that supports POE power supply and is mainly used for wireless network coverage in enterprise or commercial scenarios. The D-Link DAP-2622 suffers from a stack buffer overflow remote code execution vulnerability, which stems from a...

8.8CVSS8.9AI score0.00637EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/06/14 12:0 a.m.3 views

Toshiba e-STUDIO Security Vulnerability

Toshiba e-STUDIO is a series of high-end office multifunction printers from Toshiba Japan. A security vulnerability exists in Toshiba e-STUDIO that originates from the authentication password between programs within the multifunction device is partially written directly into the program, so that...

7.1CVSS6.8AI score0.00253EPSS
Exploits1References4
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.4 views

D-Link DAP-2622 安全漏洞

The D-Link DAP-2622 is a wireless access point Access Point device from China's AUO D-Link. A security vulnerability exists in the D-Link DAP-2622 that stems from a stack-based buffer overflow remote code execution vulnerability in the DDP Set Wireless Message Authentication Password...

8.8CVSS9.3AI score0.00637EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/05/03 12:0 a.m.8 views

D-Link DAP-2622 安全漏洞

D-Link DAP-2622 is a wireless access point AP from AUO D-Link that supports POE power supply and is mainly used for wireless network coverage in enterprise or commercial scenarios. The D-Link DAP-2622 suffers from a stack buffer overflow remote code execution vulnerability, which stems from a sta...

8.8CVSS8.9AI score0.00855EPSS
Exploits0References3
CNVD
CNVD
added 2023/10/07 12:0 a.m.1 views

D-Link DAP-2622 Stack Buffer Overflow Remote Code Execution Vulnerability

The D-Link DAP-2622 is a wireless access point AP from D-Link designed for wireless network coverage in an enterprise or commercial environment. The D-Link DAP-2622 suffers from a stack buffer overflow remote code execution vulnerability that stems from a stack-based buffer overflow remote code...

8.8CVSS8.9AI score0.0075EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/02/15 12:0 a.m.5 views

PT-2023-19644 · Switch · Switch

Name of the Vulnerable Software and Affected Versions: Switch affected versions not specified Description: The issue concerns an unspecified endpoint in the switch's web server that fails to properly authenticate user identity. This may allow an attacker to download a configuration page containin...

7.5CVSS7.5AI score0.00577EPSS
Exploits0References3
OSV
OSV
added 2023/01/17 6:15 p.m.1 views

UBUNTU-CVE-2022-41859

In freeradius, the EAP-PWD function computepasswordelement leaks information about the password which allows an attacker to substantially reduce the size of an offline dictionary attack...

7.5CVSS5.8AI score0.0086EPSS
Exploits0References5
BDU FSTEC
BDU FSTEC
added 2022/12/22 12:0 a.m.7 views

The vulnerability of the EAP-pwd client implementation for Wi-Fi WPA Supplicant allows information disclosure due to incompatibility, enabling attackers to expose sensitive information.

The vulnerability of the EAP-pwd client implementation for Wi-Fi WPA Supplicant is related to the disclosure of information due to incompatibility. This vulnerability allows a malicious actor to disclose the protected information remotely...

10CVSS7.4AI score0.01903EPSS
Exploits0References16Affected Software11
Rows per page
Query Builder