6334 matches found
MAL-2026-664 Malicious code in transform-es2015-modules-amd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f874dbbcc1f45c4afb0b3b6eba5bab0a03a8f0f2749b4ad737ce8562bbd1f3b The package transform-es2015-modules-amd was found to contain malicious code. Source: ghsa-malware...
PT-2026-5924
Name of the Vulnerable Software and Affected Versions TP-Link Archer AX53 versions 1.0 through 1.3.1 Build 20241120 Description A heap-based buffer overflow exists in the tmpserver modules of TP-Link Archer AX53. This flaw allows authenticated attackers in an adjacent network to trigger a...
CVE-2026-22222
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2web modules allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
CVE-2026-22223 Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...
CVE-2026-22223 Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...
CVE-2026-22222
CVE-2026-22222 is an OS Command Injection in TP-Link Archer BE230 v1.2 (web modules). The issue allows an adjacent authenticated attacker to execute arbitrary code and potentially gain full administrative control on Archer BE230 v1.2, impacting configuration integrity, network security, and servi...
CVE-2026-22222 Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2web modules allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
EUVD-2026-5097
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2web modules allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
CVE-2026-0631
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
EUVD-2026-5098
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
CVE-2026-0631 Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
CVE-2026-0630 Command Injection Vulnerability on TP-Link Archer BE230 v1.2 and AXE75 v1.0
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2web modules and Archer AXE75 v1.0 allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise o...
CVE-2026-0630
CVE-2026-0630 is a reported OS Command Injection vulnerability in TP-Link Archer BE230 v1.2 web modules, affecting versions older than 1.2.4 Build 20251218 rel.70420. The issue permits an adjacent authenticated attacker to execute arbitrary code, potentially gaining full administrative control ov...
EUVD-2026-5099
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2web modules allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
CVE-2026-0630 Command Injection Vulnerability on TP-Link Archer BE230 v1.2 and AXE75 v1.0
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2web modules and Archer AXE75 v1.0 allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise o...
CVE-2026-22221 Command Injection Vulnerability on TP-Link Archer BE230 v1.2
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...
PT-2026-5687
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...
PT-2026-5684
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
PT-2026-5686
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2web modules allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
CVE-2022-50940 Knap Advanced PHP Login 3.1.3 Persistent Cross-Site Scripting via Name Parameter
Knap Advanced PHP Login 3.1.3 contains a persistent cross-site scripting vulnerability that allows remote attackers to inject malicious script code in the name parameter. Attackers can exploit the vulnerability to execute arbitrary scripts in users and activity log backend modules, potentially...