Lucene search
K

237 matches found

CVE
CVE
added 3 days ago14 views

CVE-2026-15480

The CVE-2026-15480 refers to Trendnet TEW-635BRM (firmware up to 1.00.03) where the Web Service’s /sbin/rc start_httpd function mishandles the device_name argument, causing a stack-based buffer overflow. This can be triggered remotely; public exploits are cited. Several sources note the vendor’s ...

9CVSS7.4AI score0.00463EPSS
Exploits0References5
EUVD
EUVD
added last week5 views

EUVD-2026-42225

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Webbeyaz Web Design Mediküm Web allows Stored XSS. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

5.4CVSS5.9AI score0.00133EPSS
Exploits0References1
Cvelist
Cvelist
added last week36 views

CVE-2026-8315 Stored XSS in Webbeyaz's Mediküm Web

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Webbeyaz Web Design Mediküm Web allows Stored XSS. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

5.4CVSS0.00133EPSS
Exploits0References1
CVE
CVE
added last week11 views

CVE-2026-8310

Mediküm Web (Webbeyaz Web Design) is affected by CVE-2026-8310, a Reflected XSS caused by improper neutralization of input during web page generation. Affected through 08/07/2026; vendor noted as not supported. The connected documents consistently describe the issue without detailing specific vul...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added last week5 views

EUVD-2026-42223

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

9.8CVSS6AI score0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added last week35 views

CVE-2026-8307 SQLi in Webbeyaz's Mediküm Web

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Webbeyaz Web Design Mediküm Web allows SQL Injection. This issue affects Mediküm Web: through 08072026. NOTE: The vendor was contacted and it was learned that the product is not supported...

9.8CVSS0.00266EPSS
Exploits0References1
CVE
CVE
added last week17 views

CVE-2026-8307

SQL injection in Webbeyaz Web Design Mediküm Web (Mediküm Web) due to improper neutralization of special elements in SQL commands. Affected through 08072026; vendor state: product not supported. CVSS 3.1 vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base 9.8). No remediation details provided in th...

9.8CVSS6AI score0.00266EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/07/08 12:0 a.m.6 views

PT-2026-56412

Name of the Vulnerable Software and Affected Versions Mediküm Web versions through 08072026 Description Improper neutralization of input during web page generation allows for Stored Cross-Site Scripting XSS, a condition where malicious scripts are permanently stored on the target server and serve...

5.4CVSS6.1AI score0.00133EPSS
Exploits0References4
NVD
NVD
added 2026/07/03 10:16 a.m.10 views

CVE-2026-4321

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

9.8CVSS0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/03 8:58 a.m.35 views

CVE-2026-4322 XSS in Raera's Destekz

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows Reflected XSS. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

6.1CVSS0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:58 a.m.7 views

EUVD-2026-41527

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows Reflected XSS. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/03 8:54 a.m.8 views

EUVD-2026-41526

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

9.8CVSS6AI score0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/07/03 8:54 a.m.33 views

CVE-2026-4321 SQLi in Raera's Destekz

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Raera - Ankara Web Design and Digital Advertising Agency Destekz allows SQL Injection. This issue affects Destekz: through 02062026. NOTE: The vendor was contacted and it was learned that the produ...

9.8CVSS0.00266EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/30 11:46 a.m.31 views

CVE-2026-8403 Stored XSS in Exagate's SYSGUARD 6001

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows Stored XSS. This issue affects SYSGUARD 6001: from 2.0.2 before 6.1.4.0. NOTE: The vendor was contacted and it...

6.1CVSS0.00149EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:46 a.m.8 views

CVE-2026-8403 Stored XSS in Exagate's SYSGUARD 6001

Improper neutralization of input during web page generation 'cross-site scripting' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows Stored XSS. This issue affects SYSGUARD 6001: from 2.0.2 before 6.1.4.0. NOTE: The vendor was contacted and it...

6.1CVSS5.8AI score0.00149EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/30 11:36 a.m.8 views

CVE-2026-8402 SQLi in Exagate's SYSGUARD 6001

Improper neutralization of special elements used in an SQL command 'SQL injection' vulnerability in Eksagate Electronic Engineering and Computer Industry Trade Inc. SYSGUARD 6001 allows Blind SQL Injection. This issue affects SYSGUARD 6001: from 2.0.2 before 6.1.16.0. NOTE: The vendor was...

9.8CVSS5.8AI score0.00321EPSS
Exploits0References1
AstraLinux
AstraLinux
added 2026/06/24 3:11 p.m.3 views

Astra Linux – Vulnerability in Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: The reference count of the device should always be dropped in ibdelsubdeviceandput. Since nldevdeldev introduced in commit 060c642b2ab8 “RDMA/nldev: Add support for adding/deleting a sub IB device through netlink” grab...

7.8CVSS6AI score0.00119EPSS
Exploits0References3
NVD
NVD
added 2026/06/24 8:16 a.m.19 views

CVE-2026-52928

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.5CVSS0.00114EPSS
Exploits0References7
OSV
OSV
added 2026/06/24 8:16 a.m.4 views

UBUNTU-CVE-2026-52928

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

5.5CVSS5.6AI score0.00114EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/24 7:14 a.m.32 views

CVE-2026-52928 af_unix: Reject SIOCATMARK on non-stream sockets

In the Linux kernel, the following vulnerability has been resolved: afunix: Reject SIOCATMARK on non-stream sockets SIOCATMARK reports whether the receive queue is at the urgent mark for MSGOOB. In AFUNIX, MSGOOB is supported only for SOCKSTREAM sockets. SOCKDGRAM and SOCKSEQPACKET reject MSGOOB ...

0.00114EPSS
Exploits0References7
Rows per page
Query Builder