CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

32 matches found

CVE•added 2026/06/05 7:52 a.m.•27 views

CVE-2026-9088

In Keycloak, a flaw in org.keycloak.services allows an administrator with delegated access to read group memberships and users to bypass user profile permissions by querying the group members endpoint. This enables viewing user attributes that are explicitly denied, causing information disclosure...

2.7CVSS5.4AI score0.00318EPSS

Exploits0References6

Positive Technologies•added 2026/06/05 12:0 a.m.•14 views

PT-2026-46909

A flaw was found in org.keycloak.services. An administrator with delegated access to read group memberships and users can bypass user profile permissions by accessing the group members endpoint. This allows the administrator to view user attributes that are explicitly configured to be denied,...

2.7CVSS5.4AI score0.00318EPSS

Exploits0References3

Positive Technologies•added 2026/05/26 12:0 a.m.•8 views

PT-2026-43322

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An improper access check allows privilege escalation through the 'com users group editing webservice' endpoint. Recommendations At the moment, there is no...

9.8CVSS5.8AI score0.00292EPSS

Exploits0References4

CNVD•added 2026/04/16 12:0 a.m.•2 views

D-Link DI-8003 Buffer Overflow Vulnerability (CNVD-2026-17643)

The D-Link DI-8003 is a wireless router from China-based AUO D-Link. The D-Link DI-8003 suffers from a buffer overflow vulnerability that originates from improper handling of the name parameter in the /urlgroup.asp endpoint, which can be exploited by an attacker to cause a denial of service...

7.5CVSS6.1AI score0.00516EPSS

Exploits0

RedhatCVE•added 2026/04/10 7:22 p.m.•6 views

CVE-2025-50664

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /usergroup.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr...

7.5CVSS6.1AI score0.00605EPSS

Exploits0References1

RedhatCVE•added 2026/04/10 7:22 p.m.•3 views

CVE-2025-50662

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlgroup.asp endpoint...

7.5CVSS6AI score0.00516EPSS

Exploits0References1

EUVD•added 2026/04/08 9:33 p.m.•4 views

EUVD-2025-209347

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlgroup.asp endpoint...

6.2AI score0.00516EPSS

Exploits0References3

EUVD•added 2026/04/08 9:33 p.m.•10 views

EUVD-2025-209351

6.2AI score0.00605EPSS

Exploits0References3

NVD•added 2026/04/08 7:24 p.m.•1 views

CVE-2025-50664

7.5CVSS0.00605EPSS

Exploits0References3

NVD•added 2026/04/08 7:24 p.m.•5 views

CVE-2025-50653

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem parameters in the /timegroup.asp endpoint...

7.5CVSS0.00516EPSS

Exploits0References3

NVD•added 2026/04/08 7:24 p.m.•3 views

CVE-2025-50662

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlgroup.asp endpoint...

7.5CVSS0.00516EPSS

Exploits0References3

Positive Technologies•added 2026/04/08 12:0 a.m.•7 views

PT-2026-31378

CVE-2025-50653 A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem parameters in the /time group.asp endpoint. https://t.co/22B1zw0ww8...

7.5CVSS6AI score0.00516EPSS

Exploits0References4

Vulnrichment•added 2026/04/08 12:0 a.m.•2 views

CVE-2025-50664

6.1AI score0.00605EPSS

Exploits0References3

Cvelist•added 2026/04/08 12:0 a.m.•17 views

CVE-2025-50664

0.00605EPSS

Exploits0References3

Vulnrichment•added 2026/04/08 12:0 a.m.•3 views

CVE-2025-50655

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thdgroup.asp endpoint...

6AI score0.00516EPSS

Exploits0References3

Positive Technologies•added 2026/04/08 12:0 a.m.•2 views

PT-2026-31387

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr...

7.5CVSS6.2AI score0.00605EPSS

Exploits0References5

Vulnrichment•added 2026/04/08 12:0 a.m.•3 views

CVE-2025-50653

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name and mem parameters in the /timegroup.asp endpoint...

6AI score0.00516EPSS

Exploits0References3

CVE•added 2026/04/08 12:0 a.m.•13 views

CVE-2025-50653

CVE-2025-50653 affects D-Link DI-8003 devices (firmware 16.07.26A1). A buffer overflow is triggered by improper handling of the name and mem parameters in the /time_group.asp endpoint. CNVD-2026-17635 and RH/CVEs describe a boundary/overflow condition leading to denial of service; NVD metrics ind...

7.5CVSS6.2AI score0.00516EPSS

Exploits0References3Affected Software1

Cvelist•added 2026/04/08 12:0 a.m.•18 views

CVE-2025-50662

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /urlgroup.asp endpoint...

0.00516EPSS

Exploits0References3

Cvelist•added 2026/04/08 12:0 a.m.•18 views

CVE-2025-50655

A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /thdgroup.asp endpoint...

0.00516EPSS

Exploits0References3