CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

199 matches found

EUVD•added 2026/06/12 6:24 p.m.•12 views

EUVD-2026-36538

During WiFi association, Naxclow device firmware prints the host network’s SSID, PSK, and negotiated WPA keys in cleartext to an exposed UART console on production hardware. The UART pads are labeled, run with default serial settings, and drop to an interactive RT-Thread shell that permits...

5.1CVSS5.3AI score0.00171EPSS

Exploits0References2

CNNVD•added 2026/06/09 12:0 a.m.•12 views

Tenda O3 Wireless Router 安全漏洞

The Tenda O3 is an outdoor wireless bridge produced by the Chinese company Tenda. Version 1.0.0.54180 of the Tenda O3 Wireless Router contains a security vulnerability. This vulnerability stems from a stack overflow in the domain parameter within the fromNetToolGet function, which could allow...

7.5CVSS5.5AI score0.00397EPSS

Exploits0References1

CNNVD•added 2026/06/09 12:0 a.m.•10 views

Tenda O3 安全漏洞

The Tenda O3 is an outdoor wireless bridge produced by the Chinese company Tenda. Version 1.0.0.54180 of the Tenda O3 has a security vulnerability. This vulnerability stems from a stack overflow in the ip parameter within the fromNetToolGet function, which could allow attackers to cause...

7.5CVSS5.5AI score0.00329EPSS

Exploits0References1

Packet Storm News•added 2026/01/20 12:0 a.m.•13 views

PINA: Prompt Injection Attack against Navigation Agents

Navigation agents powered by large language models LLMs convert natural language instructions into executable plans and actions. Compared to text-based applications, their security is far more critical: a successful prompt injection attack does not just alter outputs but can directly misguide...

5.4AI score

Exploits0

RedhatCVE•added 2026/01/09 9:35 a.m.•18 views

CVE-2024-34218

TOTOLINK outdoor CPE CP450 v4.1.0cu.747B20191224 was discovered to contain a command injection vulnerability in the NTPSyncWithHost function via the hostTime parameter...

3.8CVSS7.8AI score0.17571EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:0 a.m.•10 views

CVE-2023-29236

Unauth. Reflected Cross-Site Scripting XSS vulnerability in Cththemes Outdoor theme = 3.9.6 versions...

7.1CVSS5.8AI score0.00382EPSS

Exploits0References1

CNNVD•added 2026/01/09 12:0 a.m.•5 views

ZTE MF258K Pro 安全漏洞

The ZTE MF258K Pro is a 4G outdoor bridge kit from ZTE China. The ZTE MF258K Pro suffers from a configuration flaw vulnerability that stems from improperly set directory permissions, which can be exploited by an attacker to cause a write operation to be performed...

8.8CVSS5.8AI score0.00223EPSS

Exploits0References2

Patchstack•added 2025/12/31 12:0 a.m.•6 views

WordPress Outdoor plugin <= 1.3.2 - Unauthenticated SQL Injection vulnerability

Unauthenticated SQL Injection vulnerability discovered by John Lee in WordPress Theme Outdoor versions = 1.3.2...

7.5CVSS5.9AI score0.00342EPSS

Exploits0References1Affected Software1

CNVD•added 2025/12/30 12:0 a.m.•2 views

Command Execution Vulnerability in RG-EST350 V2 of Beijing StarNet Ruijie Network Technology Co.

Ruijie EST350-V2 is a wireless outdoor bridge product supporting 802.11ac protocol, which is designed for the business of video transmission or data transmission in the scenarios of tower crane, factory, scenic spot, park, planting base, fishpond aquaculture base, construction site, etc. Ruijie...

6AI score

Exploits0

EUVD•added 2025/11/11 7:1 a.m.•2 views

EUVD-2025-71434

Malicious code in outdoorwrenz3n npm...

6.6AI score

Exploits0

OSV•added 2025/11/11 7:1 a.m.•2 views

MAL-2025-98856 Malicious code in outdoor_wren_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7dffd9a4ca631d1e2804e46f6090304b799b0e3f7c7ebf6b91367b3550fb9d68 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.8AI score

Exploits0

EUVD•added 2025/11/11 5:18 a.m.•2 views

EUVD-2025-62751

Malicious code in outdoorsailfishz3n npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/11 5:18 a.m.•3 views

Malicious code in outdoor_guppy_z3n (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 6986300174d5f8930d6b9a23f7a57f5321cdd50b2a1a44c16033bb5364be9eb2 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

OSV•added 2025/11/11 5:18 a.m.•2 views

MAL-2025-95802 Malicious code in outdoor_guppy_z3n (npm)

6.8AI score

Exploits0

EUVD•added 2025/11/11 12:41 a.m.•2 views

EUVD-2025-52883

Malicious code in outdoor-coral-flamingo npm...

6.6AI score

Exploits0

EUVD•added 2025/11/11 12:41 a.m.•3 views

EUVD-2025-52882

Malicious code in outdoor-maroon-lemming npm...

6.6AI score

Exploits0

OSSF Malicious Packages•added 2025/11/11 12:41 a.m.•4 views

Malicious code in outdoor-coral-flamingo (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 746386bf4b1fe81a823dd6d40dffb40f5a5236eec10249297ad05f8718c00777 This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...

6.9AI score

Exploits0

EUVD•added 2025/11/11 12:41 a.m.•2 views

EUVD-2025-52885

Malicious code in outdoor-amber-smelt npm...

6.6AI score

Exploits0

EUVD•added 2025/11/11 12:41 a.m.•1 views

EUVD-2025-52884

Malicious code in outdoor-black-pigeon npm...

6.6AI score

Exploits0