Lucene search
K

8349 matches found

Nuclei
Nuclei
added yesterday15 views

D-Link DIR-803 - Authentication Bypass

An authentication bypass vulnerability exists in D-Link DIR-803 routers firmware A1 1.04 and earlier. By manipulating the AUTHORIZEDGROUP parameter in /getcfg.php via newline injection, an attacker can retrieve XML configuration containing administrator credentials without authentication. id:...

7.5CVSS6.2AI score0.03559EPSS
Exploits1References3
Nuclei
Nuclei
added yesterday57 views

D-Link DIR-605 - Information Disclosure

An informtion disclosure issue exists in D-LINK-DIR-605 B2 Firmware Version - 2.01MT. An attacker can obtain a user name and password by forging a post request to the / getcfg.php page id: CVE-2021-40655 info: name: D-Link DIR-605 - Information Disclosure author: DhiyaneshDK severity: high...

7.5CVSS7.1AI score0.87039EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday66 views

D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure

D-LINK DIR-845L DEVICE.ACCOUNT" - "" condition: and - type: status status: - 200 digest: 490a00463044022067cde8a1122a201227d6f72ae97d9b5b0739eb6a20b6b3f82b8000194ab1a5f7022...

5.3CVSS6.1AI score0.03419EPSS
Exploits1References2
Nuclei
Nuclei
added yesterday66 views

D-Link DIR-610 Devices - Information Disclosure

D-Link DIR-610 devices allow information disclosure via SERVICES=DEVICE.ACCOUNT%0AAUTHORIZEDGROUP=1 to getcfg.php. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. id: CVE-2020-9376 info: name: D-Link DIR-610 Devices - Information Disclosure author:...

7.5CVSS7AI score0.16586EPSS
Exploits1References5
EUVD
EUVD
added yesterday5 views

EUVD-2026-43609

An issue in D-Link DIR-1253 v.1.0.1.250923.142435 allows an attacker to escalate privileges via the etc/shadow component file...

9.8CVSS6.1AI score
Exploits0References4
NVD
NVD
added 2 days ago5 views

CVE-2026-52533

An issue in D-Link DIR-1253 v.1.0.1.250923.142435 allows an attacker to escalate privileges via the etc/shadow component file...

9.8CVSS
Exploits0References3
Nuclei
Nuclei
added 2 days ago68 views

D-Link DIR-615 - Unauthorized Access

D-Link DIR-615 devices with firmware 20.06 are susceptible to unauthorized access. An attacker can access the WAN configuration page wan.htm without authentication, which can lead to disclosure of WAN settings, data modification, and/or other unauthorized operations. id: CVE-2021-42627 info: name...

9.8CVSS7.1AI score0.6307EPSS
Exploits0References5
Nuclei
Nuclei
added 2 days ago75 views

D-Link DIR-816L - Improper Access Control

D-Link DIR-816LFW206b01 is susceptible to improper access control. An attacker can access folders folderview.php and categoryview.php and thereby possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2022-28955 info: name: D-Link DIR-816L - Improper...

7.5CVSS6.8AI score0.38289EPSS
Exploits1References5
Cvelist
Cvelist
added 2 days ago28 views

CVE-2026-52533

An issue in D-Link DIR-1253 v.1.0.1.250923.142435 allows an attacker to escalate privileges via the etc/shadow component file...

Exploits0References3
CVE
CVE
added 2 days ago7 views

CVE-2026-52533

An issue in D-Link DIR-1253 v.1.0.1.250923.142435 allows an attacker to escalate privileges via the etc/shadow component file...

9.8CVSS6.1AI score
Exploits0References3
NVD
NVD
added 6 days ago6 views

CVE-2026-15270

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS0.00368EPSS
Exploits0References6
EUVD
EUVD
added 6 days ago8 views

EUVD-2026-42692

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS6.4AI score0.00368EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 6 days ago9 views

CVE-2026-15270

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS6.4AI score0.00368EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 6 days ago35 views

CVE-2026-15270 D-link DIR-823G Web boa.conf least privilege violation

A weakness has been identified in D-link DIR-823G 1.0.2B0520181207. Affected by this vulnerability is an unknown functionality of the file /etc/boa/boa.conf of the component Web Interface. Executing a manipulation can lead to least privilege violation. The attack can be launched remotely. The...

7.7CVSS0.00368EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 6 days ago7 views

CVE-2026-59149

Mockoon provides way to design and run mock APIs. Prior to 9.7.0, a FILE response whose filePath embeds request data is confined by getSafeFilePath in packages/commons-server/src/libs/server/server.ts with resolvedPath.startsWithstaticBaseDir. That prefix test has no path-separator boundary, so a...

6.5CVSS5.9AI score0.0033EPSS
Exploits0References6Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago9 views

PT-2026-56920

Name of the Vulnerable Software and Affected Versions D-link DIR-823G version 1.0.2B05 20181207 Description A weakness exists in the Web Interface component within the /etc/boa/boa.conf file. A remote attacker can perform a manipulation that leads to a least privilege violation. This attack is...

7.7CVSS6.8AI score0.00368EPSS
Exploits0References10
Snyk
Snyk
added 2026/07/01 6:41 p.m.4 views

Unsafe Dependency Resolution

Overview neuro-cortex-memory is a Scientifically-grounded memory system based on computational neuroscience research Affected versions of this package are vulnerable to Unsafe Dependency Resolution via the CLAUDEPROJECTDIR environment variable, which is treated as a trusted source directory witho...

8.5CVSS6.2AI score
Exploits0References2
Cvelist
Cvelist
added 2026/06/30 3:57 p.m.40 views

CVE-2026-58371 SeaweedFS < 4.30 - Cross-Origin Information Disclosure via Unvalidated JSONP callback Parameter

SeaweedFS before 4.30 reflects the callback query parameter verbatim into responses served with Content-Type application/javascript in the shared writeJson helper weed/server/common.go, with no callback-name validation, no X-Content-Type-Options: nosniff header, and no CORS allow-list. Every JSON...

3.1CVSS0.0021EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/23 6:8 p.m.5 views

CVE-2026-54319

Daytona is a secure and elastic infrastructure runtime for AI-generated code execution and agent workflows. Prior to 0.186, a sandbox volume reference volumeId, which may also be a volume name was forwarded to the runner and used to build the host bind-mount source path without confinement. A...

4.2CVSS6.2AI score0.00171EPSS
Exploits0References2Affected Software1
Snyk
Snyk
added 2026/06/17 2:1 p.m.14 views

Symlink Attack

Overview chrome-devtools-mcp is a MCP server for Chrome DevTools Affected versions of this package are vulnerable to Symlink Attack in the fs.writeFileSync process when writing the PID file to a runtime directory under /tmp if $XDGRUNTIMEDIR is unset. An attacker can overwrite or truncate arbitra...

6.9CVSS6AI score0.00077EPSS
Exploits1References2
Rows per page
Query Builder