Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

38 matches found

Vulnrichment
Vulnrichmentadded 6 days ago5 views

CVE-2026-10159 TRENDnet TEW-432BRP formSysLog stack-based overflow

A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument currentpage causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been mad...

9CVSS7.9AI score0.00041EPSS
Exploits0References4
CNNVD
CNNVDadded 6 days ago7 views

TRENDnet TEW-432BRP 安全漏洞

TRENDnet TEW-432BRP is a dual-band wireless router produced by TRENDnet Corporation. Version 3.10B20 of TRENDnet TEW-432BRP has a security vulnerability. This vulnerability stems from an operation on the currentpage parameter in the formSysLog function located in the file/goform/formSysLog,...

9CVSS7.7AI score0.00041EPSS
Exploits0References4
NVD
NVDadded 2026/05/17 1:16 p.m.5 views

CVE-2018-25331

Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attackers can inject script tags through the currentpage parameter sent to the ajax.php endpoint, which...

6.1CVSS0.00095EPSS
Exploits0References4
ATTACKERKB
ATTACKERKBadded 2026/05/17 12:11 p.m.3 views

CVE-2018-25331

Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attackers can inject script tags through the currentpage parameter sent to the ajax.php endpoint, which...

6.1CVSS5.9AI score0.00095EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichmentadded 2026/05/17 12:11 p.m.4 views

CVE-2018-25331 Zenar Content Management System Cross-Site Scripting via ajax.php

Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attackers can inject script tags through the currentpage parameter sent to the ajax.php endpoint, which...

6.1CVSS5.9AI score0.00095EPSS
Exploits0References4
Cvelist
Cvelistadded 2026/05/17 12:11 p.m.33 views

CVE-2018-25331 Zenar Content Management System Cross-Site Scripting via ajax.php

Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attackers can inject script tags through the currentpage parameter sent to the ajax.php endpoint, which...

6.1CVSS0.00095EPSS
Exploits0References4
CVE
CVEadded 2026/05/17 12:11 p.m.8 views

CVE-2018-25331

CVE-2018-25331 affects Zenar Content Management System. The vulnerability is a Cross-Site Scripting (XSS) in the ajax.php endpoint, where unsanitized user input is reflected in the response. Exploitation is possible via POST parameters (notably the current_page parameter), enabling unauthenticate...

6.1CVSS5.9AI score0.00095EPSS
Exploits0References4
EUVD
EUVDadded 2026/05/17 12:11 p.m.6 views

EUVD-2018-21854

Zenar Content Management System contains a cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by manipulating form parameters in POST requests. Attackers can inject script tags through the currentpage parameter sent to the ajax.php endpoint, which...

6.1CVSS5.9AI score0.00095EPSS
Exploits0References4
RedHat Linux
RedHat Linuxadded 2026/04/06 4:24 p.m.1 views

kernel: svcrdma: use rc_pageoff for memcpy byte offset

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

5.9AI score0.00032EPSS
Exploits0References5
CNNVD
CNNVDadded 2026/03/27 12:0 a.m.3 views

happy-dom 安全漏洞

Happy-Dom is a JavaScript implementation of a web browser without a graphical interface, developed by David Ortner. Versions of Happy-Dom prior to 20.8.9 contained a security vulnerability. This vulnerability stemmed from the fetch function, which might attach cookies originating from the current...

7.5CVSS5.8AI score0.00054EPSS
Exploits1References5
RedHat Linux
RedHat Linuxadded 2026/02/16 12:28 p.m.2 views

kernel: svcrdma: use rc_pageoff for memcpy byte offset

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

5.7AI score0.00032EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/02/09 9:51 a.m.1 views

kernel: svcrdma: use rc_pageoff for memcpy byte offset

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

5.7AI score0.00032EPSS
Exploits0References5
SUSE CVE
SUSE CVEadded 2026/01/15 12:25 a.m.2 views

SUSE CVE-2025-68811

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

5.5CVSS6.5AI score0.00032EPSS
Exploits0References9
OSV
OSVadded 2026/01/13 4:16 p.m.0 views

UBUNTU-CVE-2025-71068

In the Linux kernel, the following vulnerability has been resolved: svcrdma: bound check rqpages index in inline path svcrdmacopyinlinerange indexed rqstp-rqpagesrccurpage without verifying rccurpage stays within the allocated page array. Add guards before the first use and after advancing to a n...

7.8CVSS5.7AI score0.00023EPSS
Exploits0References36
UbuntuCve
UbuntuCveadded 2026/01/13 4:16 p.m.1 views

CVE-2025-68811

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

5.9AI score0.00032EPSS
Exploits0References24
CVE
CVEadded 2026/01/13 3:29 p.m.9 views

CVE-2025-68811

This CVE-2025-68811 concerns the Linux kernel svcrdma path. The root cause is in svc_rdma_copy_inline_range where rc_curpage (page index) was used in the page base instead of the byte offset rc_pageoff, causing memcpy operations to land incorrectly within a page. The advisory/entries in Red Hat, ...

6.2AI score0.00032EPSS
Exploits0References3
OSV
OSVadded 2026/01/13 3:29 p.m.1 views

CVE-2025-68811 svcrdma: use rc_pageoff for memcpy byte offset

In the Linux kernel, the following vulnerability has been resolved: svcrdma: use rcpageoff for memcpy byte offset svcrdmacopyinlinerange added rccurpage page index to the page base instead of the byte offset rcpageoff. Use rcpageoff so copies land within the current page. Found by ZeroPath...

6.4AI score0.00032EPSS
Exploits0References6
EUVD
EUVDadded 2025/10/07 12:30 a.m.2 views

EUVD-2014-2947

Malware in sbrugna...

4.3CVSS6.4AI score0.0034EPSS
Exploits1References7
NVD
NVDadded 2024/04/17 9:15 p.m.8 views

CVE-2024-32338

A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE TITLE parameter under the Current Page module...

5.4CVSS5.6AI score0.00197EPSS
Exploits1References1
NVD
NVDadded 2024/04/17 9:15 p.m.8 views

CVE-2024-32744

A cross-site scripting XSS vulnerability in the Settings section of WonderCMS v3.4.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the PAGE KEYWORDS parameter under the CURRENT PAGE module...

4.6CVSS5.6AI score0.00142EPSS
Exploits1References1
Rows per page
Query Builder