CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

185 matches found

EasySpider 0.6.2 - Arbitrary File Read

A vulnerability classified as problematic was found in NaiboWang EasySpider 0.6.2 on Windows. Affected by this vulnerability is an unknown functionality of the file \EasySpider\resources\app\server.js of the component HTTP GET Request Handler. The manipulation with the input...

8.8CVSS4.8AI score0.81003EPSS

Exploits1References6

Cvelist•added 5 days ago•30 views

CVE-2026-49841 FreeSWITCH: Pre-authentication heap buffer overflow in `mod_verto` HTTP POST body read

FreeSWITCH is a Software Defined Telecom Stack enabling the digital transformation from proprietary telecom switches to a software implementation that runs on any commodity hardware. Prior to version 1.11.1, the modverto HTTP request handler allocates a fixed 2 MiB buffer for a POST...

9.8CVSS0.00043EPSS

Exploits0References2

AlpineLinux•added 5 days ago•4 views

CVE-2026-49841

9.8CVSS5.6AI score0.00043EPSS

Exploits0References2

RedhatCVE•added 2026/06/05 7:49 p.m.•6 views

CVE-2026-38360

Directory Traversal vulnerability in fohrloop dash-uploader v.0.1.0 through v.0.7.0a2 allows a remote attacker to execute arbitrary code via the dashuploader/httprequesthandler.py, BaseHttpRequestHandler.gettemproot, BaseHttpRequestHandler.post components...

9.8CVSS6AI score0.06538EPSS

Exploits4References1

RedhatCVE•added 2026/06/05 7:22 p.m.•5 views

CVE-2026-7855

A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tgglasp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is no...

9CVSS8.2AI score0.00019EPSS

Exploits1References1

RedhatCVE•added 2026/06/05 7:17 p.m.•4 views

CVE-2026-6194

A weakness has been identified in Totolink A3002MU B20211125.1046. Affected by this vulnerability is the function sub410188 of the file /boafrm/formWlanSetup of the component HTTP Request Handler. This manipulation of the argument wan-url causes stack-based buffer overflow. Remote exploitation of...

9CVSS8AI score0.00085EPSS

Exploits0References1

Vulnrichment•added 2026/05/08 12:0 a.m.•6 views

CVE-2026-38360

6AI score0.06538EPSS

Exploits4References8

Positive Technologies•added 2026/05/08 12:0 a.m.•8 views

PT-2026-39150

Name of the Vulnerable Software and Affected Versions fohrloop dash-uploader versions 0.1.0 through 0.7.0a2 Description A directory traversal issue allows a remote attacker to execute arbitrary code. This is possible through the dash uploader/httprequesthandler.py component, specifically within t...

9.8CVSS6.1AI score0.06538EPSS

Exploits4References19

CVE•added 2026/05/08 12:0 a.m.•8 views

CVE-2026-38360

CVE-2026-38360 affects fohrloop dash-uploader, with directory traversal in dash_uploader/httprequesthandler.py affecting versions 0.1.0 through 0.7.0a2. The vulnerability arises from unvalidated user-supplied values used in get_temp_root (upload_id), resumableFilename, and resumableIdentifier, wh...

9.8CVSS6AI score0.06538EPSS

Exploits4References8

EUVD•added 2026/05/05 9:31 p.m.•6 views

EUVD-2026-27432

9CVSS7.8AI score0.00019EPSS

Exploits1References6

Cvelist•added 2026/05/05 6:30 p.m.•24 views

CVE-2026-7855 D-Link DI-8100 HTTP Request tggl.asp tggl_asp buffer overflow

9CVSS0.00019EPSS

Exploits1References5

ATTACKERKB•added 2026/05/05 6:30 p.m.•2 views

CVE-2026-7855

9CVSS7.8AI score0.00019EPSS

Exploits1References5Affected Software1

CVE•added 2026/05/05 6:30 p.m.•4 views

CVE-2026-7855

CVE-2026-7855 affects D-Link DI-8100 firmware 16.07.26A1. The vulnerability is in the HTTP Request Handler, specifically the function tggl_asp in the file tggl.asp ; manipulating the Name argument triggers a buffer overflow. The issue is exploitable remotely and the exploit is public. CVSS-based ...

9CVSS7.8AI score0.00019EPSS

Exploits1References5Affected Software1

Positive Technologies•added 2026/05/05 12:0 a.m.•6 views

PT-2026-37216

Name of the Vulnerable Software and Affected Versions D-Link DI-8100 version 16.07.26A1 Description A buffer overflow occurs in the HTTP Request Handler component when manipulating the Name argument. This issue is located within the tggl asp function of the '/tggl.asp' endpoint and can be trigger...

9CVSS7.4AI score0.00019EPSS

Exploits1References11

CVE•added 2026/04/13 5:15 p.m.•4 views

CVE-2026-6194

The CVE-2026-6194 entry concerns Totolink A3002MU (firmware B20211125.1046). The vulnerability affects the HTTP Request Handler, specifically the function sub_410188 in /boafrm/formWlanSetup, where manipulation of the wan-url argument triggers a stack-based buffer overflow. This allows remote exp...

9CVSS7.8AI score0.00085EPSS

Exploits0References5

EUVD•added 2026/03/16 3:30 p.m.•6 views

EUVD-2026-12214

A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/management/nmcsync.php of the component HTTP Request Handler. Executing a manipulation of the argument templatepath can lead to os command injection. The...

10CVSS7.1AI score0.0022EPSS

Exploits0References5

RedhatCVE•added 2026/01/10 5:40 a.m.•3 views

CVE-2026-0731

A vulnerability has been found in TOTOLINK WA1200 5.9c.2914. The impacted element is an unknown function of the file cstecgi.cgi of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack is possible to be carried out remotely. The exploit has been...

7.5CVSS6.5AI score0.00154EPSS

Exploits1References1