CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

16521 matches found

Cvelist•added 2025/12/29 8:32 a.m.•23 views

CVE-2025-15180 Tenda WH450 HTTP Request webExcptypemanFilte stack-based overflow

A vulnerability was identified in Tenda WH450 1.0.0.18. The affected element is an unknown function of the file /goform/webExcptypemanFilte of the component HTTP Request Handler. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The...

8.6CVSS0.00137EPSS

Exploits1References6

IBM Security Bulletins•added 2025/12/29 7:37 a.m.•5 views

Security Bulletin: Vulnerability in Netty affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge.

Summary Potential vulnerability in Netty has been identified that affects IBM watsonx Assistant Cartridge and IBM watsonx Orchestrate with watsonx Assistant Cartridge - Assistant Builder Component. . The vulnerability have been addressed. Refer to details for additional information. Vulnerability...

7.5CVSS6.2AI score0.00097EPSS

Exploits1Affected Software2

EUVD•added 2025/12/29 7:32 a.m.•2 views

EUVD-2025-205562

A vulnerability was found in Tenda WH450 1.0.0.18. This issue affects some unknown processing of the file /goform/VirtualSer of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit has be...

8.6CVSS6.9AI score0.00481EPSS

Exploits1References7

CVE•added 2025/12/29 7:32 a.m.•9 views

CVE-2025-15178

CVE-2025-15178 affects Tenda WH450 v1.0.0.18, with a stack-based buffer overflow in the HTTP Request Handler triggered by manipulating the page parameter of /goform/VirtualSer. The vulnerability can be exploited remotely and public PoCs exist. Connected sources (Red Hat, NVD, CVE List, CVSS metri...

8.6CVSS7.3AI score0.00481EPSS

Exploits1References6Affected Software1

NVD•added 2025/12/29 7:15 a.m.•1 views

CVE-2025-15177

A vulnerability has been found in Tenda WH450 1.0.0.18. This vulnerability affects unknown code of the file /goform/SetIpBind of the component HTTP Request Handler. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has be...

8.6CVSS0.0027EPSS

Exploits3References6

EUVD•added 2025/12/29 7:2 a.m.•1 views

EUVD-2025-205565

8.6CVSS7AI score0.0027EPSS

Exploits3References7

RedhatCVE•added 2025/12/24 11:35 p.m.•3 views

CVE-2025-15048

A vulnerability was determined in Tenda WH450 1.0.0.18. This impacts an unknown function of the file /goform/CheckTools of the component HTTP Request Handler. Executing a manipulation of the argument ipaddress can lead to command injection. The attack can be launched remotely. The exploit has bee...

9.8CVSS7.2AI score0.00112EPSS

Exploits1References1

RedhatCVE•added 2025/12/24 10:29 p.m.•2 views

CVE-2025-15046

A vulnerability has been found in Tenda WH450 1.0.0.18. The impacted element is an unknown function of the file /goform/PPTPClient of the component HTTP Request Handler. Such manipulation of the argument netmsk leads to stack-based buffer overflow. It is possible to launch the attack remotely. Th...

10CVSS9.7AI score0.00159EPSS

Exploits1References1

CVE•added 2025/12/24 8:14 p.m.•14 views

CVE-2025-8769

CVE-2025-8769 affects MegaSys/Megasys’ Telenium Online Web Application. The vulnerability arises from a Perl script used to load the login page with improper input validation, allowing an attacker to inject arbitrary Perl code through a crafted HTTP request and achieve remote code execution on th...

9.8CVSS7.8AI score0.00981EPSS

Exploits0References3

EUVD•added 2025/12/24 12:30 a.m.•1 views

EUVD-2025-204979

10CVSS6.8AI score0.00159EPSS

Exploits1References7

Packet Storm•added 2025/12/24 12:0 a.m.•154 views

📄 Varnish / Styx HTTP Request Smuggling

Proof of concept exploit that demonstrates an HTTP request smuggling vulnerability between Varnish and Styx / Nginx. ============================================================================================================================================= | Title : HTTP Request Smuggling TE.CL...

7AI score

Exploits0

Positive Technologies•added 2025/12/24 12:0 a.m.•2 views

PT-2025-53325

Name of the Vulnerable Software and Affected Versions V-SOL GPON/EPON OLT Platform version 2.03 Description The software contains an information disclosure issue that allows unauthorized access to configuration files. Attackers can obtain sensitive configuration data by sending HTTP GET requests ...

8.7CVSS6.3AI score0.00079EPSS

Exploits1References5

CVE•added 2025/12/23 10:32 p.m.•9 views

CVE-2025-15048

CVE-2025-15048 affects Tenda WH450 (v1.0.0.18). The vulnerability is in the HTTP Request Handler’s /goform/CheckTools, where tampering with the ipaddress argument enables remote command injection. Exploitation has been publicly disclosed and PoC/materials exist in multiple references; impact is d...

9.8CVSS7.2AI score0.00112EPSS

Exploits1References6Affected Software1

ATTACKERKB•added 2025/12/23 10:32 p.m.•2 views

CVE-2025-15048

9.8CVSS5.4AI score0.00112EPSS

Exploits1References5Affected Software1

Cvelist•added 2025/12/23 10:32 p.m.•23 views

CVE-2025-15048 Tenda WH450 HTTP Request CheckTools command injection

7.5CVSS0.00112EPSS

Exploits1References6

OSV•added 2025/12/23 10:15 p.m.•4 views

CVE-2025-15047

A vulnerability was found in Tenda WH450 1.0.0.18. This affects an unknown function of the file /goform/PPTPDClient of the component HTTP Request Handler. Performing a manipulation of the argument Username results in stack-based buffer overflow. The attack can be initiated remotely. The exploit h...

9.3CVSS6.5AI score

Exploits0References6

OSV•added 2025/12/23 10:15 p.m.•2 views

CVE-2025-15046

9.3CVSS6.3AI score

Exploits0References6

NVD•added 2025/12/23 10:15 p.m.•1 views

CVE-2025-15047

10CVSS0.00525EPSS

Exploits1References6

NVD•added 2025/12/23 10:15 p.m.•4 views

CVE-2025-15046