Lucene search
K

1001 matches found

CVE
CVE
added 2026/06/10 2:35 p.m.46 views

CVE-2026-49759

CVE-2026-49759 affects Erlang OTP erts inet_drv SCTP error handling. The sctp_parse_error_chunk() writes cause codes into a fixed-size stack-allocated spec[] without bounds checks, allowing a remote attacker who has SCTP access to overflow the stack and crash the BEAM VM (DoS). A crafted SCTP ERR...

8.8CVSS5.6AI score0.00497EPSS
Exploits0References8Affected Software2
Debian CVE
Debian CVE
added 2026/06/10 2:35 p.m.7 views

CVE-2026-49759

Stack-based Buffer Overflow vulnerability in Erlang OTP erts inetdrv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctpparseerrorchunk function in erts/emulator/drivers/common/inetdrv.c parses SCTP ERROR chunks and writes cause codes int...

8.8CVSS5.6AI score0.00497EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2026/06/10 2:35 p.m.8 views

CVE-2026-49759 Stack buffer overflow in SCTP error cause parsing in inet_drv allows remote VM crash

Stack-based Buffer Overflow vulnerability in Erlang OTP erts inetdrv allows an unauthenticated remote attacker to crash the BEAM VM by sending a crafted SCTP ERROR chunk. The sctpparseerrorchunk function in erts/emulator/drivers/common/inetdrv.c parses SCTP ERROR chunks and writes cause codes int...

8.8CVSS5.6AI score0.00497EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.13 views

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions, developed by Erlang/OTP. This library can catch exceptions caused by the built-in APIs of node.js. There were security vulnerabilities in versions of Erlang/OTP erts prior to 15.2.7.9, as well as in versions 16.4.0.2 and...

8.8CVSS5.8AI score0.00497EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/10 12:0 a.m.11 views

Erlang/OTP 安全漏洞

Erlang/OTP is an open-source JavaScript library for handling exceptions. This library can catch exceptions caused by the built-in APIs of node.js. Erlang/OTP has security vulnerabilities in versions prior to 11.7.2, as well as versions 11.6.0.2 and 11.2.12.9. The vulnerability stems from the...

7.5CVSS5.3AI score0.00194EPSS
Exploits0References1
NVD
NVD
added 2026/06/08 12:16 p.m.21 views

CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS0.00197EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/08 10:15 a.m.6 views

CVE-2026-11505

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS5.2AI score0.00197EPSS
Exploits0References7Affected Software8
CVE
CVE
added 2026/06/08 10:15 a.m.28 views

CVE-2026-11505

CVE-2026-11505 affects GL.iNet devices (A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000, XE3000) running 4.8.x, due to a flaw in the glnassys component. The issue involves use of a hard-coded cryptographic key introduced or exposed via a manipulation, enabling a remote attack with high comp...

5CVSS5.2AI score0.00197EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/08 10:15 a.m.14 views

EUVD-2026-35040

A flaw has been found in GL.iNet A1300, AX1800, AXT1800, MT2500, MT3000, MT6000, X3000 and XE3000 4.8.x. This affects an unknown function of the component glnassys. Executing a manipulation can lead to use of hard-coded cryptographic key . The attack may be launched remotely. The attack requires ...

5CVSS5.2AI score0.00197EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/08 8:58 a.m.12 views

CVE-2026-11452

A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN0042e200 of the file /cgi-bin/glc of the component SETUSERPWD Handler. The manipulation of the argument Password leads to command injection. The attack can be initiated remotely. Upgrading to version 4.8....

7.5CVSS6.8AI score0.01681EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.13 views

CVE-2026-11448

A weakness has been identified in GL.iNet GL-MT3000 up to 4.4.5. The affected element is the function realpath of the file /rpc of the component Minidlna Service. This manipulation of the argument kube. set causes command injection. The attack is possible to be carried out remotely. Upgrading to...

5.8CVSS5.1AI score0.01582EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.14 views

CVE-2026-11447

A security flaw has been discovered in GL.iNet GL-MT3000 up to 4.4.5. Impacted is the function iwinfobackend of the file iwinfo.so of the component MTK Backend. The manipulation of the argument device results in command injection. The attack can be executed remotely. The exploit has been released...

6.5CVSS6.2AI score0.01073EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/08 2:58 a.m.11 views

CVE-2026-11406

A vulnerability was determined in GL.iNet MT3000 up to 4.4.5. This vulnerability affects unknown code of the file ovpnclient.sh of the component OpenVPN Client Import Workflow. This manipulation causes command injection. Remote exploitation of the attack is possible. The exploit has been publicly...

6.5CVSS6.2AI score0.0123EPSS
Exploits0References1
NVD
NVD
added 2026/06/07 4:16 a.m.19 views

CVE-2026-11451

A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler. Executing a manipulation of the argument mediadir can lead to command injection. It is possible to launch the attack remotely. Upgrading to version...

7.5CVSS0.02027EPSS
Exploits1References5
NVD
NVD
added 2026/06/07 3:16 a.m.14 views

CVE-2026-11449

A security vulnerability has been detected in GL.iNet GL-MT3000 4.4.5. The impacted element is the function rpcsys of the file /cgi-bin/luci/rpc of the component LuCI JSON-RPC Interface. Such manipulation leads to command injection. The attack may be performed from remote. Upgrading to version...

6.5CVSS0.01102EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2026/06/07 3:15 a.m.11 views

CVE-2026-11452 GL.iNet GL-MT3000 SET_USER_PWD glc FUN_0042e200 command injection

A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN0042e200 of the file /cgi-bin/glc of the component SETUSERPWD Handler. The manipulation of the argument Password leads to command injection. The attack can be initiated remotely. Upgrading to version 4.8....

7.5CVSS6.8AI score0.01681EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/06/07 3:15 a.m.10 views

CVE-2026-11452

A vulnerability has been found in GL.iNet GL-MT3000 up to 4.4.5. Affected is the function FUN0042e200 of the file /cgi-bin/glc of the component SETUSERPWD Handler. The manipulation of the argument Password leads to command injection. The attack can be initiated remotely. Upgrading to version 4.8....

7.5CVSS5.2AI score0.01681EPSS
Exploits1References6Affected Software1
EUVD
EUVD
added 2026/06/07 3:0 a.m.12 views

EUVD-2026-34982

A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler. Executing a manipulation of the argument mediadir can lead to command injection. It is possible to launch the attack remotely. Upgrading to version...

7.5CVSS7.2AI score0.02027EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/06/07 3:0 a.m.8 views

CVE-2026-11451 GL.iNet GL-MT3000 FTP Protocol glc snprintf command injection

A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler. Executing a manipulation of the argument mediadir can lead to command injection. It is possible to launch the attack remotely. Upgrading to version...

7.5CVSS7.1AI score0.02027EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/06/07 3:0 a.m.36 views

CVE-2026-11451 GL.iNet GL-MT3000 FTP Protocol glc snprintf command injection

A flaw has been found in GL.iNet GL-MT3000 4.4.5. This impacts the function snprintf of the file /cgi-bin/glc of the component FTP Protocol Handler. Executing a manipulation of the argument mediadir can lead to command injection. It is possible to launch the attack remotely. Upgrading to version...

7.5CVSS0.02027EPSS
Exploits1References5
Rows per page
Query Builder