Lucene search
K

253660 matches found

EUVD
EUVD
added 2026/05/05 9:31 p.m.12 views

EUVD-2026-27488

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

8.6CVSS7.3AI score0.04164EPSS
Exploits1References6
EUVD
EUVD
added 2026/05/05 9:31 p.m.9 views

EUVD-2026-27432

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS7.8AI score0.01057EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/05/05 9:29 p.m.6 views

CVE-2026-28780 Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to modproxyajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This issue...

5.8AI score0.01325EPSS
Exploits0References1
CVE
CVE
added 2026/05/05 9:29 p.m.509 views

CVE-2026-28780

CVE-2026-28780 is a heap-based buffer overflow in Apache HTTP Server’s mod_proxy_ajp (via ajp_msg_check_header()). Reports across Debian, FreeBSD/vuxml, Alpine, and NC SC advisories confirm impact on versions up to 2.4.66 and a fix in 2.4.67 . The issue allows memory corruption and can contribute...

9.8CVSS5.8AI score0.01325EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2026/05/05 9:29 p.m.96 views

CVE-2026-28780 Apache HTTP Server: buffer overflow in mod_proxy_ajp via ajp_msg_check_header()

Heap-based Buffer Overflow vulnerability in modproxyajp of Apache HTTP Server. If modproxyajp connects to a malicious AJP server this AJP server can send a malicious AJP message back to modproxyajp and cause it to write 4 attacker controlled bytes after the end of a heap based buffer. This issue...

0.01325EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.5 views

CVE-2026-7719

A security flaw has been discovered in Totolink WA300 5.2cu.7112B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument httphost results in buffer overflow. The attack may be launched...

10CVSS7.8AI score0.00619EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/05 8:21 p.m.8 views

CVE-2026-7750

A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument macaddress results in buffer overflow. The attack may be launched...

9CVSS7.8AI score0.00463EPSS
Exploits0References1
NVD
NVD
added 2026/05/05 8:16 p.m.10 views

CVE-2026-7857

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

8.6CVSS0.04164EPSS
Exploits1References5
NVD
NVD
added 2026/05/05 8:16 p.m.10 views

CVE-2026-7856

A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /urlmember.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and...

8.6CVSS0.04589EPSS
Exploits1References5
NVD
NVD
added 2026/05/05 8:16 p.m.6 views

CVE-2026-34462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.8CVSS0.00174EPSS
Exploits1References1
RedHat Linux
RedHat Linux
added 2026/05/05 7:56 p.m.8 views

Important: Red Hat Security Advisory: LibRaw security update

An update for LibRaw is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

9.8CVSS6.6AI score0.00746EPSS
Exploits2References3
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:31 p.m.5 views

CVE-2026-34464

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, NamedPipeServer::OpenHandler copies the server field from NAMEDPIPEOPENREQ into a fixed WCHAR pipename160 stack buffer using wcscat without verifying null termination. The handler only...

8.8CVSS6.2AI score0.00174EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:30 p.m.4 views

CVE-2026-34462

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, several ProcessServer handlers KillAllHandler, SuspendAllHandler, and RunSandboxedHandler copy a WCHAR boxname34 field from request structures into WCHAR40 stack buffers using wcscpy...

7.3CVSS6.2AI score0.00174EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:28 p.m.2 views

CVE-2026-34461

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieIniServer RunSbieCtrl handler contains a stack buffer overflow. The MSGIDSBIEINIRUNSBIECTRL message is handled before normal sandbox and impersonation checks, and for non-sandbox...

7.3CVSS6.5AI score0.00172EPSS
Exploits1References2Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:27 p.m.4 views

CVE-2026-34459

Sandboxie-Plus is an open source sandbox-based isolation software for Windows. In versions 1.17.2 and earlier, the SbieSvc proxy service's GetRawInputDeviceInfoSlave handler contains two vulnerabilities that can be chained for sandbox escape. First, when a sandboxed process sends an IPC request...

8.8CVSS6.1AI score0.00139EPSS
Exploits1References2Affected Software1
NVD
NVD
added 2026/05/05 7:16 p.m.7 views

CVE-2026-7855

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS0.01057EPSS
Exploits1References5
NVD
NVD
added 2026/05/05 7:16 p.m.11 views

CVE-2026-7854

A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function urlruleasp of the file /urlrule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploi...

10CVSS0.0586EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/05/05 7:15 p.m.3 views

CVE-2026-7857

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

8.6CVSS7.3AI score0.04164EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/05/05 7:15 p.m.25 views

CVE-2026-7857

CVE-2026-7857 concerns D-Link DI-8100 (firmware 16.07.26A1) where the CGI Handler’s function sprintf in the /user_group.asp file is vulnerable to a buffer overflow. The affected component is the CGI/Scripting interface; the underlying root cause is unsafe handling in sprintf, enabling overflow th...

8.6CVSS7.3AI score0.04164EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/05 7:15 p.m.8 views

CVE-2026-7857 D-Link DI-8100 CGI user_group.asp sprintf buffer overflow

A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /usergroup.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and m...

8.6CVSS7.3AI score0.04164EPSS
Exploits1References5
Rows per page
Query Builder