Lucene search
K

103221 matches found

SUSE CVE
SUSE CVE
added 2026/03/16 5:32 p.m.2 views

SUSE CVE-2026-23941

Inconsistent Interpretation of HTTP Requests 'HTTP Request Smuggling' vulnerability in Erlang OTP inets httpd module allows HTTP Request Smuggling. This vulnerability is associated with program files lib/inets/src/httpserver/httpdrequest.erl and program routines httpdrequest:parseheaders/7. The...

4.8CVSS5.8AI score0.00528EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/03/16 5:32 p.m.2 views

CVE-2026-4254

A weakness has been identified in Tenda AC8 up to 16.03.50.11. This vulnerability affects the function doSystemCmd of the file /goform/SysToolChangePwd of the component HTTP Endpoint. This manipulation of the argument local2c causes stack-based buffer overflow. The attack can be initiated remotel...

10CVSS8AI score0.00887EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/03/16 3:30 p.m.6 views

EUVD-2026-12214

A weakness has been identified in Topsec TopACM 3.0. Affected by this vulnerability is an unknown functionality of the file /view/systemConfig/management/nmcsync.php of the component HTTP Request Handler. Executing a manipulation of the argument templatepath can lead to os command injection. The...

10CVSS7.1AI score0.0207EPSS
Exploits0References5
NVD
NVD
added 2026/03/16 2:19 p.m.4 views

CVE-2026-2491

Socomec DIRIS A-40 HTTP API Authentication Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Socomec DIRIS A-40 power monitoring devices. Authentication is not required to exploit this vulnerability. The specific flaw...

6.3CVSS0.00388EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/16 1:14 p.m.3 views

CVE-2025-10685 HTTP POST with specific higher content length leads into heap corruption

Heap-based buffer overflow vulnerability in Softing Industrial Automation GmbH smartLink SW-PN and smartLink SW-HT Webserver modules allows overflow buffers.This issue affects: smartLink SW-PN: through 1.03 smartLink SW-HT: through 1.42...

9.2CVSS6AI score0.00493EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/03/16 9:26 a.m.28 views

CVE-2025-11500 Credentials exposure in tinycontrol devices

Tinycontrol devices such as tcPDU and LAN Controllers LK3.5, LK3.9 and LK4 have two separate authentication mechanisms - one solely for interface management and one for protecting all other server resources. When the latter is turned off which is a default setting, an unauthenticated attacker on...

8.7CVSS0.00275EPSS
Exploits0References6
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.3 views

Huawei EulerOS: Security Advisory for libsoup (EulerOS-SA-2026-1402)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.6CVSS5.8AI score0.00557EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.7 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1430)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS5.8AI score0.015EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/03/16 12:0 a.m.4 views

PT-2026-26462

Name of the Vulnerable Software and Affected Versions Kargo versions 1.4.0 through 1.6.3 Kargo versions 1.7.0-rc.1 through 1.7.8 Kargo versions 1.8.0-rc.1 through 1.8.11 Kargo versions 1.9.0-rc.1 through 1.9.4 Description Kargo's built-in http and http-download promotion steps allow Server-Side...

5.1CVSS5.9AI score0.00328EPSS
Exploits0References7
CNNVD
CNNVD
added 2026/03/16 12:0 a.m.6 views

CPython 安全漏洞

CPython is a Python interpreter implemented in C language by the Python Foundation. CPython has a security vulnerability, which stems from the incomplete repair of control characters in the http.cookies.Morsel module. This vulnerability may allow control characters to bypass input validation...

6CVSS5.8AI score0.00419EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.4 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1487)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.1CVSS5.8AI score0.015EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2026/03/16 12:0 a.m.5 views

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2026-1536)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.3CVSS5.8AI score0.015EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.5 views

EulerOS 2.0 SP10 : python3 (EulerOS-SA-2026-1319)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not be used to...

7.5CVSS6.7AI score0.01525EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.9 views

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2026-1407)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic...

7.5CVSS7.3AI score0.01525EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.6 views

EulerOS Virtualization 2.10.1 : python3 (EulerOS-SA-2026-1542)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not...

7.5CVSS6.7AI score0.01525EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.4 views

EulerOS 2.0 SP12 : python3 (EulerOS-SA-2026-1376)

According to the versions of the python3 packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic...

7.5CVSS6.9AI score0.01525EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/03/16 12:0 a.m.6 views

EulerOS Virtualization 2.10.0 : python3 (EulerOS-SA-2026-1562)

According to the versions of the python3 packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : The 'zipfile' module would not check the validity of the ZIP64 End of Central Directory EOCD Locator record offset value would not...

7.5CVSS6.7AI score0.01525EPSS
Exploits0References5
CVE
CVE
added 2026/03/15 8:32 a.m.11 views

CVE-2026-4172

The CVE describes a stack-based overflow in TRENDnet TEW-632BRP (1.010B32) within the HTTP POST Request Handler, specifically the /ping_response.cgi file. The issue stems from manipulating the ping_ipaddr argument in this handler, enabling a remote exploit. Public exploitation exists according to...

8.6CVSS7.8AI score0.00612EPSS
Exploits0References4
OSV
OSV
added 2026/03/15 5:55 a.m.3 views

OESA-2026-1593 httpd security update

Apache HTTP Server is a powerful and flexible HTTP/1.1 compliant web server. Security Fixes: An integer overflow vulnerability was found in Apache HTTP Server versions 2.4.30 to 2.4.66. In case of failed ACME certificate renewal, after a number of failures 30 days in default configurations, the...

8.3CVSS7.1AI score0.015EPSS
Exploits0References5
OSV
OSV
added 2026/03/15 5:53 a.m.5 views

OESA-2026-1550 wireshark security update

Wireshark allows you to examine protocol data stored in files or as it is captured from wired or wireless WiFi or Bluetooth networks, USB devices, and many other sources. It supports dozens of protocol capture file formats and understands more than a thousand protocols. Security Fixes: Wireshark ...

7.5CVSS6.1AI score0.00206EPSS
Exploits6References7
Rows per page
Query Builder