CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1340 matches found

RedhatCVE•added 2026/01/13 10:52 p.m.•4 views

CVE-2026-22079

This vulnerability exists in Tenda wireless routers 300Mbps Wireless Router F3 and N300 Easy Setup Router due to the plaintext transmission of login credentials during the initial login or post-factory reset setup through the web-based administrative interface. An attacker on the same network cou...

8.7CVSS6.8AI score0.0002EPSS

Exploits0References1

The Hacker News•added 2026/01/13 9:8 a.m.•11 views

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOWREACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool called Remcos RAT and establish persistent, covert remote access. "The infection chain follows a...

6.9AI score

Exploits0

NVD•added 2026/01/09 11:15 a.m.•4 views

CVE-2026-22079

8.7CVSS0.0002EPSS

Exploits0References1

CVE•added 2026/01/09 11:2 a.m.•26 views

CVE-2026-22079

The PT-2026-2147 entry specifies that Tenda 300Mbps Wireless Router F3 and Tenda N300 Easy Setup Router are affected by a flaw where login credentials are transmitted in plaintext during the initial login or after a factory reset via the web-based interface. An attacker on the same network could ...

8.7CVSS6.4AI score0.0002EPSS

Exploits0References1

Cvelist•added 2026/01/09 11:2 a.m.•24 views

CVE-2026-22079 Cleartext Transmission Vulnerability in Tenda Wireless Routers

8.7CVSS0.0002EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 9:14 a.m.•7 views

CVE-2022-23937

In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario...

7.5CVSS6.7AI score0.00184EPSS

Exploits0References1

CNNVD•added 2026/01/09 12:0 a.m.•3 views

Tenda N300和Tenda F3 安全漏洞

Tenda N300 and Tenda F3 are both products of Tenda, a China-based company.Tenda N300 is a router.Tenda F3 is a wireless router.Tenda N300 and Tenda F3 are both products of Tenda, a China-based company.Tenda N300 is a router.Tenda F3 is a wireless router. A security vulnerability exists in the Ten...

8.7CVSS7AI score0.0002EPSS

Exploits0References1

Positive Technologies•added 2026/01/09 12:0 a.m.•2 views

PT-2026-2147

Name of the Vulnerable Software and Affected Versions Tenda 300Mbps Wireless Router F3 Tenda N300 Easy Setup Router Description The routers transmit login credentials in plaintext during the initial login or after a factory reset through the web-based administrative interface. An attacker on the...

8.7CVSS6.5AI score0.0002EPSS

Exploits0References4

The Hacker News•added 2026/01/08 2:54 p.m.•4 views

China-Linked UAT-7290 Targets Telecoms with Linux Malware and ORB Nodes

A China-nexus threat actor known as UAT-7290 has been attributed to espionage-focused intrusions against entities in South Asia and Southeastern Europe. The activity cluster, which has been active since at least 2022, primarily focuses on extensive technical reconnaissance of target organizations...

7.7AI score

Exploits0

OSV•added 2026/01/05 12:0 a.m.•0 views

UBUNTU-CVE-2026-21444

libtpms, a library that provides software emulation of a Trusted Platform Module, has a flaw in versions 0.10.0 and 0.10.1. The commonly used integration of libtpms with OpenSSL 3.x contained a vulnerability related to the returned IV initialization vector when certain symmetric ciphers were used...

5.5CVSS5.8AI score0.00006EPSS

Exploits1References5

Tenable Nessus•added 2026/01/05 12:0 a.m.•2 views

Linux Distros Unpatched Vulnerability : CVE-2023-54167

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zer...

5.3AI score0.0002EPSS

Exploits0References2

UbuntuCve•added 2026/01/02 7:15 p.m.•1 views

CVE-2026-21444

5.5CVSS5.9AI score0.00006EPSS

Exploits1References2

CVE•added 2026/01/02 7:5 p.m.•19 views

CVE-2026-21444

CVE-2026-21444 affects libtpms when integrated with OpenSSL 3.x, with vulnerable versions 0.10.0 and 0.10.1. The issue is that the library returns the initial IV instead of the last IV for certain symmetric ciphers, weakening confidentiality. Affected deployments using OpenSSL 3.x are at risk of ...

5.5CVSS6.5AI score0.00006EPSS

Exploits1References3Affected Software1

Cvelist•added 2026/01/02 7:5 p.m.•25 views

CVE-2026-21444 libtpms returns wrong initialization vector when certain symmetric ciphers are used

5.5CVSS0.00006EPSS

Exploits1References3

OSV•added 2026/01/02 7:5 p.m.•2 views

CVE-2026-21444 libtpms returns wrong initialization vector when certain symmetric ciphers are used

5.5CVSS6.5AI score0.00006EPSS

Exploits1References5

AlpineLinux•added 2026/01/02 7:5 p.m.•4 views

CVE-2026-21444

5.5CVSS6.9AI score0.00006EPSS

Exploits1References3

Positive Technologies•added 2026/01/01 12:0 a.m.•4 views

PT-2026-26050

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel addresses an issue where off-path TCP source port leakage could occur via a SYN cookie side-channel. The resolution involves reintroducing TCP ports into the timestamp...

5.5CVSS5.8AI score0.00017EPSS

Exploits0References41

SUSE CVE•added 2025/12/31 12:29 a.m.•1 views

SUSE CVE-2023-54167

In the Linux kernel, the following vulnerability has been resolved: m68k: mm: Move initrd phystovirt handling after paginginit When booting with an initial ramdisk on platforms where physical memory does not start at address zero e.g. on Amiga: initrd: 0ef0602c - 0f800000 Zone ranges: DMA mem...

6.2AI score0.0002EPSS

Exploits0References3