61539 matches found
CVE-2026-4595
creationtimestamp| type| source ---|---|--- 2026-03-23 21:04:08+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhqxk3yyb22i...
CVE-2025-15606
A Denial-of-Service DoS vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption,...
CVE-2026-33517
creationtimestamp| type| source ---|---|--- 2026-03-23 19:16:27+00:00| seen| https://www.incibe.es/incibe-cert/alerta-temprana/vulnerabilidades/cve-2026-33517 2026-03-23 22:39:22+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mhr4ufbdb72g...
CVE-2026-33716
WWBN AVideo is an open source video platform. In versions up to and including 26.0, the standalone live stream control endpoint at plugin/Live/standAloneFiles/control.json.php accepts a user-supplied streamerURL parameter that overrides where the server sends token verification requests. An...
CVE-2025-15606 Denial of Service (DoS) in HTTPD Input Handling on TP-Link TD-W8961N
A Denial-of-Service DoS vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption,...
CVE-2025-15606 Denial of Service (DoS) in HTTPD Input Handling on TP-Link TD-W8961N
A Denial-of-Service DoS vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption,...
CVE-2025-15606
The CVE-2025-15606 entry describes a DoS in the httpd component of TP-Link TD-W8961N v4.0 caused by improper input sanitization. Crafted requests can trigger a processing error that crashes the httpd service, leading to service interruption (availability impact). No remediation details are provid...
CVE-2025-15606
A Denial-of-Service DoS vulnerability in the httpd component of TP-Link's TD-W8961N v4.0 due to improper input sanitization, allows crafted requests to trigger a processing error that causes the httpd service to crash. Successful exploitation may allow the attacker to cause service interruption,...
WordPress MinhNhut Link Gateway plugin <= 3.6.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by san6051 - PWC in WordPress Plugin MinhNhut Link Gateway versions = 3.6.1...
EUVD-2025-208939
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
EUVD-2025-208937
A missing authentication check in the HTTP server on TP-Link Archer NX200, NX210, NX500 and NX600 to certain cgi endpoints allows unauthenticated access intended for authenticated users. An attacker may perform privileged HTTP actions without authentication, including firmware upload and...
EUVD-2025-208943
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the...
CVE-2025-15519
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
CVE-2025-15605 Hardcoded Cryptographic Key in Configuration Encryption Mechanism on TP-Link Archer NX200, NX210, NX500 and NX600
A hardcoded cryptographic key within the configuration mechanism on TP-Link Archer NX200, NX210, NX500 and NX600 enables decryption and re-encryption of device configuration data. An authenticated attacker may decrypt configuration files, modify them, and re-encrypt them, affecting the...
CVE-2025-15605
This CVE affects TP-Link Archer NX200, NX210, NX500, and NX600 models. The root cause is a hardcoded cryptographic key in the configuration encryption mechanism, enabling an attacker (authenticated, adjacent access) to decrypt, modify, and re-encrypt device configuration data, compromising confid...
CVE-2025-15519 Command Injection in Modem Management CLI on TP-Link Archer NX200, NX210, NX500 and NX600
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
CVE-2025-15519
The CVE-2025-15519 affects TP-Link Archer NX200/NX210/NX500/NX600 devices, where an improper input handling in the modem-management CLI allows authenticated administrators to inject commands that are executed by the OS. This can impact confidentiality, integrity, and availability as described. No...
CVE-2025-15519 Command Injection in Modem Management CLI on TP-Link Archer NX200, NX210, NX500 and NX600
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
CVE-2025-15519
Improper input handling in a modem-management administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...
CVE-2025-15518 Command Injection in Wireless Control CLI on TP-Link Archer NX200, NX210, NX500 and NX600
Improper input handling in a wireless-control administrative CLI command on TP-Link Archer NX200, NX210, NX500 and NX600 allows crafted input to be executed as part of an operating system command. An authenticated attacker with administrative privileges may execute arbitrary commands on the...