Lucene search
K

220874 matches found

Vulnrichment
Vulnrichment
added 2026/05/25 10:15 p.m.8 views

CVE-2026-9512 Totolink CA750-PoE Setting cstecgi.cgi setPasswordCfg os command injection

A security flaw has been discovered in Totolink CA750-PoE 6.2c.510. This vulnerability affects the function setPasswordCfg of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Performing a manipulation of the argument admuser/admpass results in os command injection. The attack can b...

6.5CVSS6.4AI score0.01057EPSS
Exploits0References5
CVE
CVE
added 2026/05/25 10:15 p.m.20 views

CVE-2026-9512

CVE-2026-9512 affects Totolink CA750-PoE (firmware 6.2c.510) in the Setting Handler’s /cgi-bin/cstecgi.cgi, where manipulating the admuser/admpass arguments enables an os command injection in the setPasswordCfg function. The issue is remotely exploitable and, per the metrics, has an in-the-wild p...

6.5CVSS6.4AI score0.01057EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 10:0 p.m.12 views

EUVD-2026-31760

A vulnerability was identified in Totolink CA750-PoE 6.2c.510. This affects the function setWebWlanIdx of the file /cgi-bin/cstecgi.cgi of the component Setting Handler. Such manipulation of the argument webWlanIdx leads to os command injection. It is possible to launch the attack remotely. The...

6.5CVSS6.4AI score0.01057EPSS
Exploits0References5
NVD
NVD
added 2026/05/25 9:16 p.m.17 views

CVE-2026-9503

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS0.00143EPSS
Exploits0References7
NVD
NVD
added 2026/05/25 9:16 p.m.20 views

CVE-2026-9502

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

5.3CVSS0.00154EPSS
Exploits0References7
CVE
CVE
added 2026/05/25 9:15 p.m.25 views

CVE-2026-9504

GNU LibreDWG (up to 0.14) is affected in the Dwggrep Utility, specifically the bit_convert_TU function in programs/dwggrep.c, which can trigger an out-of-bounds read. The issue requires local access to exploit and the public exploit is available. A patch be996bf2178a40e98720f18c2414815d244413db i...

4.8CVSS5.3AI score0.00176EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/25 9:0 p.m.23 views

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS0.00143EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/25 9:0 p.m.13 views

EUVD-2026-31741

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS5.4AI score0.00143EPSS
Exploits0References7
CVE
CVE
added 2026/05/25 9:0 p.m.21 views

CVE-2026-9503

Summary: CVE-2026-9503 affects GNU LibreDWG up to v0.14, specifically the DWG File Handler’s dwg_next_entity function in src/decode.c. The issue is a null pointer dereference arising from the function’s handling of certain DWG entities, with exploitation requiring local access. The exploit has be...

4.8CVSS5.4AI score0.00143EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/25 9:0 p.m.10 views

CVE-2026-9503 GNU LibreDWG DWG File decode.c dwg_next_entity null pointer dereference

A security flaw has been discovered in GNU LibreDWG up to 0.14. This impacts the function dwgnextentity of the file src/decode.c of the component DWG File Handler. The manipulation results in null pointer dereference. The attack must be initiated from a local position. The exploit has been releas...

4.8CVSS5.4AI score0.00143EPSS
Exploits0References7
CVE
CVE
added 2026/05/25 8:45 p.m.29 views

CVE-2026-9502

Summary: CVE-2026-9502 affects GNU LibreDWG’s Dwgread Utility (up to 0.14). The issue is in decompress_R2004_section (src/decode.c), causing a heap-based buffer overflow. The attack is local and there is a publicly available exploit. A patch is identified by commit/id e501cb9926c1e9a07a0d1cc997f3...

5.3CVSS6AI score0.00154EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/25 8:45 p.m.9 views

CVE-2026-9502 GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section heap-based overflow

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

5.3CVSS6AI score0.00154EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/05/25 8:45 p.m.43 views

CVE-2026-9502 GNU LibreDWG Dwgread Utility decode.c decompress_R2004_section heap-based overflow

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

5.3CVSS0.00154EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/25 8:45 p.m.13 views

EUVD-2026-31740

A vulnerability was identified in GNU LibreDWG up to 0.14. This affects the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available an...

5.3CVSS6AI score0.00154EPSS
Exploits0References7
EUVD
EUVD
added 2026/05/25 8:30 p.m.10 views

EUVD-2026-31737

A vulnerability was determined in GNU LibreDWG up to 0.14. The impacted element is the function decompressR2004section of the file src/decode.c of the component Dwgread Utility. Executing a manipulation can lead to reachable assertion. The attack is restricted to local execution. The exploit has...

4.8CVSS5.3AI score0.00144EPSS
Exploits0References7
NVD
NVD
added 2026/05/25 8:16 p.m.10 views

CVE-2026-9484

A vulnerability was determined in SourceCodester Student Grades Management System 1.0. Affected by this vulnerability is the function getClassroomStudents/removeStudentFromClassroom of the file classroom.php. Executing a manipulation of the argument classroomid can lead to improper authorization...

6.5CVSS0.00272EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/25 8:15 p.m.7 views

CVE-2026-9500 GNU LibreDWG Dwgread Utility decode.c read_2004_compressed_section heap-based overflow

A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read2004compressedsection of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The explo...

5.3CVSS6AI score0.00124EPSS
Exploits0References6
EUVD
EUVD
added 2026/05/25 8:15 p.m.12 views

EUVD-2026-31732

A vulnerability was found in GNU LibreDWG up to 0.14. The affected element is the function read2004compressedsection of the file src/decode.c of the component Dwgread Utility. Performing a manipulation results in heap-based buffer overflow. The attack is only possible with local access. The explo...

5.3CVSS6AI score0.00124EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/05/25 7:30 p.m.23 views

CVE-2026-9486 SourceCodester Student Grades Management System cross-site request forgery

A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...

5.3CVSS0.00187EPSS
Exploits0References5
EUVD
EUVD
added 2026/05/25 7:30 p.m.8 views

EUVD-2026-31726

A security flaw has been discovered in SourceCodester Student Grades Management System 1.0. This affects an unknown part. The manipulation results in cross-site request forgery. The attack can be executed remotely. The exploit has been released to the public and may be used for attacks...

5.3CVSS5.4AI score0.00187EPSS
Exploits0References5
Rows per page
Query Builder