Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

21799 matches found

Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.2 views

PT-2026-32518

A security vulnerability has been detected in DbGate up to 7.1.4. This affects an unknown function of the file packages/web/src/icons/FontIcon.svelte of the component SVG Icon String Handler. Such manipulation of the argument applicationIcon leads to cross site scripting. The attack may be launch...

5.1CVSS4.2AI score0.00036EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.2 views

PT-2026-32195

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A flaw exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The issue is due to a vulnerability in the setAccessDeviceCfg function within the CGI Handler component, located in t...

10CVSS7.4AI score0.01221EPSS
Exploits0References12
Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.4 views

PT-2026-32531

A vulnerability was identified in HummerRisk up to 1.5.0. This vulnerability affects the function ServerService.addServer of the file ServerService.java of the component Video File Download URL Handler. Such manipulation of the argument streamIp leads to server-side request forgery. It is possibl...

5.8CVSS5.5AI score0.00047EPSS
Exploits0References7
Positive Technologies
Positive Technologiesadded 2026/04/13 12:0 a.m.3 views

PT-2026-32197

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A flaw exists in the CGI Handler component of Totolink A7100RU version 7.4cu.2313 b20191024. Specifically, the UploadOpenVpnCert function within the /cgi-bin/cstecgi.cgi file is...

10CVSS7.3AI score0.01221EPSS
Exploits0References11
NVD
NVDadded 2026/04/12 11:16 p.m.1 views

CVE-2026-6132

A vulnerability was determined in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setLedCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument enable causes os command injection. Remote exploitation of the attack is...

10CVSS0.00316EPSS
Exploits0References5
CVE
CVEadded 2026/04/12 10:30 p.m.7 views

CVE-2026-6132

Affected product: Totolink A7100RU. Vulnerable component: CGI Handler, function setLedCfg in /cgi-bin/cstecgi.cgi. Issue: manipulation of the argument enable leads to OS command injection. Impact: remote code execution possibility with high severity (CVE-2026-6132). Exploit status: publicly discl...

10CVSS7AI score0.00316EPSS
Exploits0References5
EUVD
EUVDadded 2026/04/12 3:30 p.m.3 views

EUVD-2019-20133

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

8.6CVSS6.4AI score0.00017EPSS
Exploits1References5
OSV
OSVadded 2026/04/12 12:30 p.m.2 views

GHSA-822V-8W6H-5JXP Warm-Flow has a SpEL Expression Injection in SpelHelper.parseExpression

A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...

6.3CVSS6.3AI score0.00019EPSS
Exploits0References8
Github Security Blog
Github Security Blogadded 2026/04/12 12:30 p.m.6 views

Warm-Flow has a SpEL Expression Injection in SpelHelper.parseExpression

A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...

6.5CVSS6.3AI score0.00019EPSS
Exploits0References8Affected Software1
CVE
CVEadded 2026/04/12 12:28 p.m.6 views

CVE-2019-25701

CVE-2019-25701 affects Easy Video to iPod Converter 1.6.20. The issue is a local buffer overflow in the user registration field, where a crafted payload exceeding 996 bytes in the username can trigger an SEH overwrite and allow an attacker to execute arbitrary code with user privileges. Documents...

8.6CVSS6.4AI score0.00017EPSS
Exploits1References4Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/12 12:28 p.m.3 views

CVE-2019-25701

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

8.6CVSS6.4AI score0.00017EPSS
Exploits1References4Affected Software1
Cvelist
Cvelistadded 2026/04/12 12:28 p.m.30 views

CVE-2019-25701 Easy Video to iPod Converter 1.6.20 Local Buffer Overflow SEH

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

8.6CVSS0.00017EPSS
Exploits1References4
Vulnrichment
Vulnrichmentadded 2026/04/12 12:28 p.m.2 views

CVE-2019-25701 Easy Video to iPod Converter 1.6.20 Local Buffer Overflow SEH

Easy Video to iPod Converter 1.6.20 contains a local buffer overflow vulnerability in the user registration field that allows local attackers to overwrite the structured exception handler. Attackers can input a crafted payload exceeding 996 bytes in the username field to trigger SEH overwrite and...

8.6CVSS6.4AI score0.00017EPSS
Exploits1References4
CVE
CVEadded 2026/04/12 9:30 a.m.9 views

CVE-2026-6125

Affected software: Dromara warm-flow up to version 1.8.4. Vulnerable component: SpelHelper.parseExpression in /warm-flow/save-json of the Workflow Definition Handler. Issue: argument manipulation of listenerPath/skipCondition/permissionFlag enables code injection. Impact: remote attacker could ex...

6.5CVSS6.3AI score0.00019EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/12 9:30 a.m.2 views

CVE-2026-6125

A security flaw has been discovered in Dromara warm-flow up to 1.8.4. Impacted is the function SpelHelper.parseExpression of the file /warm-flow/save-json of the component Workflow Definition Handler. The manipulation of the argument listenerPath/skipCondition/permissionFlag results in code...

6.5CVSS6.3AI score0.00019EPSS
Exploits0References5Affected Software1
EUVD
EUVDadded 2026/04/12 6:30 a.m.2 views

EUVD-2026-21700

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS5.6AI score0.01221EPSS
Exploits0References6
NVD
NVDadded 2026/04/12 4:16 a.m.2 views

CVE-2026-6114

A vulnerability was detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this issue is the function setNetworkCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipulation of the argument proto results in os command injection. The attack may be initiated...

10CVSS0.01221EPSS
Exploits0References5
NVD
NVDadded 2026/04/12 4:16 a.m.0 views

CVE-2026-6112

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Affected is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument maxRtrAdvInterval causes os command injection. The attack can be initiated remotely. The...

10CVSS0.01221EPSS
Exploits0References5
ATTACKERKB
ATTACKERKBadded 2026/04/12 4:15 a.m.1 views

CVE-2026-6116

A vulnerability has been found in Totolink A7100RU 7.4cu.2313b20191024. This vulnerability affects the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument ip leads to os command injection. Remote exploitation of the attack is...

10CVSS6.8AI score0.01221EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKBadded 2026/04/12 4:0 a.m.0 views

CVE-2026-6115

A flaw has been found in Totolink A7100RU 7.4cu.2313b20191024. This affects the function setAppCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enable can lead to os command injection. The attack may be launched remotely. The exploit has...

10CVSS7AI score0.01221EPSS
Exploits0References5Affected Software1
Rows per page
Query Builder