Lucene search
K

28 matches found

NVD
NVD
added 2026/06/26 8:17 p.m.9 views

CVE-2026-53283

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Bounds-check devid in rlookupamdiommu iommudeviceregister walks every device on the PCI bus via busforeachdev and calls amdiommuprobedevice for each. The inlined checkdevice path computes the device's sbdf, calls...

0.00166EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 5:17 p.m.5 views

CVE-2026-53053

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

8.8CVSS0.00128EPSS
Exploits0References4
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.7 views

Astra Linux – Vulnerability found in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerability has been resolved: btrfs: fixed an incorrect match in devargsmatchdevice. Syzkaller discovered a failed assertion: “Assertion failed: args-devid != u64-1 || args-missing”, in fs/btrfs/volumes.c:6921. This issue can occur when we set devid to u64-1...

5.5CVSS5.4AI score0.00167EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/23 1:31 p.m.7 views

CVE-2026-2944

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

9.8CVSS7.3AI score0.04471EPSS
Exploits1References1
OSV
OSV
added 2026/02/22 11:16 a.m.5 views

CVE-2026-2944

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

9.8CVSS5.8AI score0.04471EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/02/22 11:2 a.m.3 views

CVE-2026-2944

A security flaw has been discovered in Tosei Online Store Management System ネット店舗管理システム 1.01. Affected is the function system of the file /cgi-bin/monitor.php of the component HTTP POST Request Handler. Performing a manipulation of the argument DevId results in os command injection. The attack ma...

7.5CVSS7.2AI score0.04471EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2026/02/22 11:2 a.m.23 views

CVE-2026-2944

The CVE-2026-2944 affects Tosei Online Store Management System v1.01. The vulnerability resides in the /cgi-bin/monitor.php component of the HTTP POST Request Handler; manipulating the DevId argument enables OS command injection. It is exploitable remotely, and public PoCs/exploits exist. No vend...

9.8CVSS5.6AI score0.04471EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2026/02/22 12:0 a.m.10 views

PT-2026-21429

Name of the Vulnerable Software and Affected Versions Tosei Online Store Management System version 1.01 Description A security flaw exists in the function system of the /cgi-bin/monitor.php file within the HTTP POST Request Handler component. Manipulation of the DevId argument results in operatin...

7.5CVSS7.3AI score0.04471EPSS
Exploits1References8
OSV
OSV
added 2026/01/19 11:16 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.3CVSS5.7AI score0.06123EPSS
Exploits1References4
NVD
NVD
added 2026/01/19 11:16 p.m.6 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS0.06123EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192 Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2026/01/19 11:2 p.m.3 views

CVE-2026-1192

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS5.3AI score0.06123EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2026/01/19 11:2 p.m.19 views

CVE-2026-1192 Tosei Online Store Management System ネット店舗管理システム imode_alldata.php command injection

A vulnerability was determined in Tosei Online Store Management System ネット店舗管理システム 1.01. The affected element is an unknown function of the file /cgi-bin/imodealldata.php. Executing a manipulation of the argument DevId can lead to command injection. The attack can be executed remotely. The exploi...

7.5CVSS0.06123EPSS
Exploits1References4
CVE
CVE
added 2026/01/19 11:2 p.m.16 views

CVE-2026-1192

CVE-2026-1192 affects Tosei Online Store Management System 1.01. The vulnerability is in an unknown function within /cgi-bin/imode_alldata.php where manipulating the DevId argument can cause remote command injection. Public exploit details exist; vendor was contacted but did not respond. Descript...

7.5CVSS5.4AI score0.06123EPSS
Exploits1References4Affected Software1
CNNVD
CNNVD
added 2026/01/19 12:0 a.m.5 views

Tosei Online Store Management System Command Injection Vulnerability

Tosei Online Store Management System is an online store management system developed by Tosei Corporation. Version 1.01 of the Tosei Online Store Management System contains a command injection vulnerability. This vulnerability arises from incorrect handling of the parameter DevId in the...

7.5CVSS7.1AI score0.06123EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2025/06/06 3:29 p.m.6 views

CVE-2025-5750 WOLFBOX Level 2 EV Charger tuya_svc_devos_activate_result_parse Heap-based Buffer Overflow Remote Code Execution Vulnerability

WOLFBOX Level 2 EV Charger tuyasvcdevosactivateresultparse Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of WOLFBOX Level 2 EV Charger. Authentication is not required to...

8.8CVSS9.2AI score0.00333EPSS
Exploits0References1
OSV
OSV
added 2025/05/01 3:16 p.m.5 views

UBUNTU-CVE-2022-49849

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix match incorrectly in devargsmatchdevice syzkaller found a failed assertion: assertion failed: args-devid != u64-1 || args-missing, in fs/btrfs/volumes.c:6921 This can be triggered when we set devid to u64-1 by ioctl. I...

5.5CVSS5.7AI score0.00167EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2024/04/04 5:15 p.m.34 views

CVE-2024-26791

A vulnerability was found in the Linux kernel's btrfs filesystem related to the dev-replace feature. The issue stems from inadequate validation of device names. This flaw could allow an attacker unauthorized access or manipulation of devices, impacting the system's security. Mitigation Mitigation...

5.5CVSS6.8AI score0.00247EPSS
Exploits0References4
OSV
OSV
added 2024/04/04 9:15 a.m.5 views

UBUNTU-CVE-2024-26791

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

7.1CVSS6.3AI score0.00247EPSS
Exploits0References22
Cvelist
Cvelist
added 2024/04/04 8:20 a.m.24 views

CVE-2024-26791 btrfs: dev-replace: properly validate device names

In the Linux kernel, the following vulnerability has been resolved: btrfs: dev-replace: properly validate device names There's a syzbot report that device name buffers passed to device replace are not properly checked for string termination which could lead to a read out of bounds in getnamekerne...

7.7AI score0.00247EPSS
Exploits0References8
Rows per page
Query Builder