Lucene search
K

3768 matches found

Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013013)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013013 advisory. In the Linux kernel, the following vulnerability has been resolved: bpf: Fix metadatadst leak bpfredirectneighv4,6 Cilium has a BPF egress gateway feature which forc...

5.6AI score0.00202EPSS
Exploits1References4
EUVD
EUVD
added 2026/04/15 5:26 p.m.7 views

EUVD-2026-22991

Git for Windows is the Windows port of Git. Versions prior to 2.53.0.windows.3 do not have protections that prevent attackers from obtaining a user's NTLM hash. The NTLM hash can be obtained by tricking users into cloning a malicious repository, or checking out a malicious branch, that accesses a...

7.4CVSS5.8AI score0.00316EPSS
Exploits0References5
Cvelist
Cvelist
added 2026/04/10 12:45 a.m.35 views

CVE-2026-5995 Totolink A7100RU CGI cstecgi.cgi setMiniuiHomeInfoShow os command injection

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument laninfo can lead to os command injection. The attack may be performed from...

10CVSS0.01823EPSS
Exploits0References5
CVE
CVE
added 2026/04/10 12:45 a.m.13 views

CVE-2026-5995

The CVE affects Totolink A7100RU (firmware 7.4cu.2313_b20191024). The vulnerable component is /cgi-bin/cstecgi.cgi, function setMiniuiHomeInfoShow, where manipulating the lan_info argument enables OS command injection. Impact is described as high for confidentiality, integrity, and availability, ...

10CVSS6.9AI score0.01823EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/04/10 12:45 a.m.3 views

CVE-2026-5995

A weakness has been identified in Totolink A7100RU 7.4cu.2313b20191024. Impacted is the function setMiniuiHomeInfoShow of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument laninfo can lead to os command injection. The attack may be performed from...

10CVSS6.9AI score0.01823EPSS
Exploits0References5Affected Software1
Positive Technologies
Positive Technologies
added 2026/04/10 12:0 a.m.4 views

PT-2026-31835

Name of the Vulnerable Software and Affected Versions Totolink A7100RU version 7.4cu.2313 b20191024 Description A weakness exists in the Totolink A7100RU version 7.4cu.2313 b20191024. The setMiniuiHomeInfoShow function within the /cgi-bin/cstecgi.cgi file of the CGI Handler component is affected...

10CVSS7.2AI score0.01823EPSS
Exploits0References10
CNNVD
CNNVD
added 2026/04/10 12:0 a.m.6 views

TOTOLINK A7100RU 操作系统命令注入漏洞

The TOTOLINK A7100RU is a wireless router produced by TOTOLINK, a Chinese company. The Totolink A7100RU 7.4cu.2313b20191024 version contains an operating system command injection vulnerability. This vulnerability stems from the lack of proper validation in the handling of the laninfo parameter in...

10CVSS7.3AI score0.01823EPSS
Exploits0References5
NVD
NVD
added 2026/04/09 10:16 p.m.14 views

CVE-2026-33781

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service DoS. On EX4k, and QFX5k platforms configur...

7.1CVSS0.00165EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/09 9:35 p.m.3 views

CVE-2026-33781

An Improper Check for Unusual or Exceptional Conditions vulnerability in the packet forwarding engine pfe of Juniper Networks Junos OS on specific EX and QFX Series devices allow an unauthenticated, adjacent attacker to cause a complete Denial of Service DoS. On EX4k, and QFX5k platforms configur...

7.1CVSS6AI score0.00165EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/04/09 9:35 p.m.22 views

CVE-2026-33781

Junos OS on EX Series and QFX Series is affected by CVE-2026-33781. In VXLAN scenarios, when L2PT is enabled on the UNI and VSTP on the NNI, receiving VSTP BPDUs on UNI can trigger a memory leak in the packet forwarding engine (pfe) and packet buffer allocation failures, causing the device to sto...

7.1CVSS6AI score0.00165EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/09 6:30 a.m.1 views

CVE-2026-5853 Totolink A7100RU CGI cstecgi.cgi setIpv6LanCfg os command injection

A security vulnerability has been detected in Totolink A7100RU 7.4cu.2313b20191024. Affected by this vulnerability is the function setIpv6LanCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such manipulation of the argument addrPrefixLen leads to os command injection. The attack...

10CVSS6.9AI score0.14277EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.9 views

CVE-2026-5608

A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. Th...

9CVSS7.7AI score0.00725EPSS
Exploits1References1
Fedora
Fedora
added 2026/04/04 1:3 a.m.11 views

[SECURITY] Fedora 42 Update: libgsasl-1.10.0-15.fc42

The library includes support for the SASL framework and at least partial support for the CRAM-MD5, EXTERNAL, GSSAPI, ANONYMOUS, PLAIN, SECURID, DIGEST-MD5, LOGIN, and NTLM mechanisms...

8.1CVSS7.1AI score0.01091EPSS
Exploits0
EUVD
EUVD
added 2026/04/04 12:31 a.m.4 views

EUVD-2015-9425

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, allowing unauthenticated remote attackers to decrypt or intercept encrypted management communications. Attackers can perform...

8.8CVSS5.9AI score0.00291EPSS
Exploits0References3
CVE
CVE
added 2026/04/03 10:47 p.m.9 views

CVE-2017-20233

CVE-2017-20233 affects Hirschmann HiLCOS devices OpenBAT, BAT450, WLC, and BAT867. The issue is a firewall filtering vulnerability where IPv4 multicast and broadcast traffic are not correctly filtered when management IP address filtering is disabled, allowing bypass of configured firewall rules. ...

5.4CVSS5.8AI score0.00204EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/04/03 9:42 p.m.19 views

CVE-2015-10148 Hirschmann HiLCOS Hard-coded Credentials SSH SSL Keys

Hirschmann HiLCOS devices OpenBAT, WLC, BAT300, BAT54 prior to 8.80 and OpenBAT prior to 9.10 are shipped with identical default SSH and SSL keys that cannot be changed, allowing unauthenticated remote attackers to decrypt or intercept encrypted management communications. Attackers can perform...

8.8CVSS0.00291EPSS
Exploits0References2
OSV
OSV
added 2026/04/03 4:16 p.m.13 views

UBUNTU-CVE-2026-31394

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211chanbwchange for APVLAN stations ieee80211chanbwchange iterates all stations and accesses link-reserved.oper via sta-sdata-linklinkid. For stations on APVLAN interfaces e.g. 4addr WDS clients,...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References7
OSV
OSV
added 2026/04/03 3:15 p.m.1 views

CVE-2026-31394 mac80211: fix crash in ieee80211_chan_bw_change for AP_VLAN stations

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211chanbwchange for APVLAN stations ieee80211chanbwchange iterates all stations and accesses link-reserved.oper via sta-sdata-linklinkid. For stations on APVLAN interfaces e.g. 4addr WDS clients,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/02 3:31 p.m.6 views

EUVD-2026-18340

A security vulnerability has been detected in Tenda G103 1.0.0.5. The affected element is the function actionsetsystemsettings of the file system.lua of the component Setting Handler. Such manipulation of the argument lanIp leads to command injection. The attack may be performed from remote. The...

5.8CVSS5.6AI score0.04353EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2026/03/31 3:0 a.m.1 views

CVE-2026-5178 Totolink A3300R cstecgi.cgi setIptvCfg command injection

A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557b20221024. Affected by this issue is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument vlanPriLan3 leads to command injection. Remote exploitation of the attack is possible. The...

6.5CVSS6.3AI score0.03664EPSS
Exploits1References5
Rows per page
Query Builder