268 matches found
CVE-2026-12577
CVE-2026-12577 affects DVP80ES3 and is due to an improperly implemented security check for a standard vulnerability. The NVD entry lists a CVSS v4.0 base score of 8.7 (HIGH): network attack vector, low attack complexity, no user interaction required. Impacts: availability HIGH, confidentiality/in...
Trendnet AC2600 TEW-827DRU - Credentials Disclosure
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. A user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page. id: CVE-2021-20150 info: name: Trendnet AC2600 TEW-827DR...
CVE-2026-24091
Memory corruption while processing fastboot commands with improperly formatted input...
CVE-2026-24091
Memory corruption while processing fastboot commands with improperly formatted input...
CVE-2026-24091
Technical details about CVE-2026-24091 are not publicly available in the provided documents. Monitor for updates and new connected documents for affected products, versions, and fixes.
CVE-2026-24091
Memory corruption while processing fastboot commands with improperly formatted input...
PT-2026-45646
Memory corruption while processing fastboot commands with improperly formatted input...
CVE-2026-6366
Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Drupal Drupal core allows Object Injection. This issue affects Drupal core: from 8.0.0 before 10.5.9, from 10.6.0 before 10.6.7, from 11.0.0 before 11.2.11, from 11.3.0 before 11.3.7...
CVE-2026-6366
CVE-2026-6366 — Drupal core insecure gadget chain leading to object injection Affects Drupal core: 8.0.0–10.5.8, 10.6.0–10.6.6, 11.0.0–11.2.10, 11.3.0–11.3.7. The issue is an improperly controlled modification of dynamically-determined object attributes that enables a gadget chain when deserializ...
CVE-2026-39682
Missing Authorization vulnerability in Arjan Pronk linkPizza-Manager linkpizza-manager allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects linkPizza-Manager: from n/a through = 5.5.5...
CVE-2026-21382
Memory Corruption when handling power management requests with improperly sized input/output buffers...
PT-2026-30650
Memory Corruption when handling power management requests with improperly sized input/output buffers...
CVE-2026-25309
Missing Authorization vulnerability in PublishPress PublishPress Authors publishpress-authors allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects PublishPress Authors: from n/a through = 4.10.1...
weixin4j has Improperly Controlled Sequential Memory Allocation
Improperly Controlled Sequential Memory Allocation vulnerability in foxinmy weixin4j weixin4j-base/src/main/java/com/foxinmy/weixin4j/util modules. This vulnerability is associated with program files CharArrayBuffer.Java, ClassUtil.Java. This issue affects all versions of weixin4j. A path is...
WordPress plugin: Final User security vulnerabilities
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, and more, from the South Korean company Samsung SAMSUNG. A security vulnerability exists in SAMSUNG Mobile devices SMR Jan-2026 Release 1 prior to Release 1, which stems from an improperly exported Andro...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an improperly updated fence that could lead to the use of resources after they have been released...
CVE-2025-64898 ColdFusion | Insufficiently Protected Credentials (CWE-522)
ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Insufficiently Protected Credentials vulnerability that could result in limited unauthorized write access. An attacker could leverage this vulnerability to gain unauthorized access by exploiting improperly stored or...
SAMSUNG Mobile devices 安全漏洞
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc., from the South Korean company Samsung SAMSUNG. A security vulnerability exists in Samsung Mobile Devices that stems from improperly exported Android application components, which could lead to file...
Kiteworks Mft 安全漏洞
Kiteworks Mft is a software for securely managing internal and external data transfers from Kiteworks USA. A security vulnerability exists in Kiteworks Mft versions prior to 9.1.0 that stems from improperly defined roles and permissions, which could lead to elevated privileges...