Lucene search
K

680 matches found

CNNVD
CNNVD
added 2026/02/05 12:0 a.m.9 views

Edimax EW-7438RPn-v3 Mini 操作系统命令注入漏洞

The Edimax EW-7438RPn-v3 Mini is a mini wireless signal extender produced by Edimax of Taiwan, China. Version 1.27 of the Edimax EW-7438RPn-v3 Mini has a vulnerability related to operating system command injection. This vulnerability stems from remote command execution at the /goform/mp endpoint,...

9.8CVSS6.1AI score0.06301EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/05 12:0 a.m.10 views

PT-2026-6569

Edimax EW-7438RPn-v3 Mini 1.27 contains a remote code execution vulnerability that allows unauthenticated attackers to execute arbitrary commands through the /goform/mp endpoint. Attackers can exploit the vulnerability by sending crafted POST requests with command injection payloads to download a...

9.8CVSS6.9AI score0.06301EPSS
Exploits1References4
OSV
OSV
added 2026/01/31 2:18 p.m.3 views

MINI-MP8G-WVGM-787X

Bulletin has no description...

7CVSS5.8AI score0.00335EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/01/27 9:30 a.m.7 views

com.foxinmy:easemob4j (>=1.1.0 <=1.1.3), com.foxinmy:umeng4j (>=1.1.0 <=1.1.3) +13 more potentially affected by CVE-2026-24819 via com.foxinmy:weixin4j-base (>=1.0 <=1.9.1)

com.foxinmy:weixin4j-base MAVEN version =1.0, =1.1.0, =1.1.0, =1.9.0, =1.4, =1.0, =1.9.0, =1.4, =1.0, =1.8.0, =1.0.9-RELEASE, =0.0.2, =0.0.3 - org.oxerr:spring-security-wechat-samples-helloworld =0.0.1 Source cves: CVE-2026-24819 Source advisory: SNYK:JAVA-COMFOXINMY-15128702...

6.3CVSS5.8AI score0.00432EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-23141)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-23141 advisory. - In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE ...

5.5CVSS6.6AI score0.00168EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/01/13 10:51 p.m.22 views

CVE-2022-50808 CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path

CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system...

8.5CVSS0.00132EPSS
Exploits0References3
AstraLinux
AstraLinux
added 2026/01/13 2:1 p.m.5 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: mailbox: zynqmp-ipi: Fixed an issue of out-of-bounds access during the mailbox cleanup loop. The cleanup loop was initially running at the wrong array index, leading to out-of-bounds access. The loop now starts at the correct ind...

5.6AI score0.00176EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 11:20 a.m.8 views

CVE-2021-22742

Improper Check for Unusual or Exceptional Conditions vulnerability exists in Triconex Model 3009 MP installed on Tricon V11.3.x systems that could cause module reset when TCM receives malformed TriStation packets while the write-protect keyswitch is in the program position...

3.9CVSS6.4AI score0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:17 a.m.7 views

CVE-2019-18203

On the RICOH MP 501 printer, HTML Injection and Stored XSS vulnerabilities have been discovered in the area of adding addresses via the entryNameIn and KeyDisplay parameter to /web/entry/en/address/adrsSetUserWizard.cgi...

6.1CVSS6.5AI score0.00797EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:58 a.m.8 views

CVE-2020-7591

A vulnerability has been identified in SIPORT MP All versions 3.2.1. Vulnerable versions of the device could allow an authenticated attacker to impersonate other users of the system and perform potentially administrative actions on behalf of those users if the single sign-on feature "Allow logon...

8.8CVSS6.6AI score0.01461EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/01 10:28 p.m.14 views

CVE-2023-7332

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...

7.1CVSS6.7AI score0.0036EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 10:15 p.m.34 views

CVE-2023-7332

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...

7.1CVSS0.0036EPSS
Exploits0References4
OSV
OSV
added 2025/12/31 10:15 p.m.8 views

CVE-2023-7332

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...

7.1CVSS6.7AI score
Exploits0References4
Vulnrichment
Vulnrichment
added 2025/12/31 9:37 p.m.2 views

CVE-2023-7332 PocketMine-MP < 4.18.1 Improper Validation of Dropped Item Count Allows Remote Server Crash

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...

7.1CVSS6.5AI score0.0036EPSS
Exploits0References4
EUVD
EUVD
added 2025/12/31 9:37 p.m.10 views

EUVD-2023-1817

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...

7.1CVSS6.3AI score0.0036EPSS
Exploits0References6
CVE
CVE
added 2025/12/31 9:37 p.m.38 views

CVE-2023-7332

PocketMine-MP (server software for Minecraft: Bedrock) is affected in versions prior to 4.18.1 by an improper input validation flaw in inventory transaction handling. The root cause is inadequate validation in the handling of dropped items during an inventory transaction, which allows a remote at...

7.1CVSS6.5AI score0.0036EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/12/31 9:37 p.m.47 views

CVE-2023-7332 PocketMine-MP < 4.18.1 Improper Validation of Dropped Item Count Allows Remote Server Crash

PocketMine-MP versions prior to 4.18.1 contain an improper input validation vulnerability in inventory transaction handling. A remote attacker with a valid player session can request that the server drop more items than are available in the player's hotbar, triggering a server crash and resulting...

7.1CVSS0.0036EPSS
Exploits0References4
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.49 views

PocketMine-MP 安全漏洞

PocketMine-MP is a game server software from PMMP Open Source. A security vulnerability exists in PocketMine-MP versions prior to 4.18.1, which stems from improper input validation in inventory transaction processing, and could lead to a remote attacker triggering a server crash and resulting in ...

7.1CVSS5.8AI score0.0036EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/31 12:0 a.m.16 views

PT-2025-54457

Name of the Vulnerable Software and Affected Versions PocketMine-MP versions prior to 4.18.1 Description PocketMine-MP versions prior to 4.18.1 have an issue with how input is checked when handling inventory transactions. A remote attacker who has a valid player session can ask the server to drop...

7.1CVSS6.7AI score0.0036EPSS
Exploits0References9
Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/12/24 2:10 a.m.5 views

Media Player MP-01 vulnerable to Missing Authentication for Critical Function

Overview NEC branded Media Player MP-01 manufactured by Sharp Display Solutions, Ltd. contains the following vulnerability. Missing Authentication for Critical Function CWE-306 - CVE-2025-12049 Souvik Kandar of MicroSec microsec.io discovered and reported the vulnerability to the developer and...

9.8CVSS6.7AI score0.00286EPSS
Exploits0References4
Rows per page
Query Builder