Lucene search
K

9099 matches found

NVD
NVD
added yesterday6 views

CVE-2026-58547

Heap-based buffer overflow in Universal Plug and Play upnp.dll allows an authorized attacker to elevate privileges locally...

5.5CVSS
Exploits0References1
NVD
NVD
added yesterday3 views

CVE-2026-50455

Use of uninitialized resource in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...

5.5CVSS
Exploits0References1
NVD
NVD
added yesterday4 views

CVE-2026-49180

Improper link resolution before file access 'link following' in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...

5.5CVSS
Exploits0References1
CVE
CVE
added yesterday8 views

CVE-2026-58547

The CVE-2026-58547 entry details a heap-based buffer overflow in Windows UPnP Device Host (upnp.dll) that can enable local privilege escalation for an authorized user. Affected component: Universal Plug and Play in Windows. Root cause: heap-based overflow in upnp.dll. Impact: local privilege elev...

5.5CVSS6.1AI score
Exploits0References1
Cvelist
Cvelist
added yesterday30 views

CVE-2026-58547 Windows Universal Plug and Play (UPnP) Device Host Elevation of Privilege Vulnerability

...

5.5CVSS
Exploits0References1
Cvelist
Cvelist
added yesterday19 views

CVE-2026-50455 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

...

5.5CVSS
Exploits0References1
CVE
CVE
added yesterday11 views

CVE-2026-50455

CVE-2026-50455 describes an information disclosure in Universal Plug and Play (upnp.dll) caused by the use of an uninitialized resource. The vulnerability allows an authorized local attacker to disclose information. The reported impact shows confidentiality impact (C) as High, with local access a...

5.5CVSS6AI score
Exploits0References1
CVE
CVE
added yesterday12 views

CVE-2026-49180

This CVE concerns the Universal Plug and Play component upnp.dll, where an improper link resolution before file access (link following) can lead to local information disclosure. The entry notes that an authorized attacker can disclose information locally, with a CVSS base score of 5.5 (Medium). A...

5.5CVSS6AI score
Exploits0References1
Cvelist
Cvelist
added yesterday21 views

CVE-2026-49180 Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

...

5.5CVSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added yesterday8 views

Universal Plug and Play (upnp.dll) Information Disclosure Vulnerability

Use of uninitialized resource in Universal Plug and Play upnp.dll allows an authorized attacker to disclose information locally...

5.5CVSS6.1AI score
Exploits0
EUVD
EUVD
added 6 days ago5 views

EUVD-2026-42644

Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...

6.4AI score0.0041EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago7 views

EUVD-2026-42647

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request...

7.5CVSS6.3AI score0.0041EPSS
Exploits0References2
NVD
NVD
added 6 days ago12 views

CVE-2026-51604

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request...

7.5CVSS0.0041EPSS
Exploits0References1
NVD
NVD
added 6 days ago9 views

CVE-2026-51601

Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...

7.5CVSS0.0041EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago32 views

CVE-2026-51601

Tenda CP3 V3.0 firmware V31.1.9.91 contains a stack-based buffer overflow in the RTSP service. The device fails to validate the length of the clock= value in the Range header field when processing a PLAY request. An unauthenticated remote attacker who has completed a standard RTSP session handsha...

0.0041EPSS
Exploits0References1
CVE
CVE
added 6 days ago9 views

CVE-2026-51604

CVE-2026-51604 describes a stack-based buffer overflow in the RTSP service of the Tenda CP3 V3.0 firmware (V31.1.9.91). The vulnerability is triggered by processing a crafted PLAY request and can be exploited by an unauthenticated remote attacker to cause a denial of service. Affected component: ...

7.5CVSS6.3AI score0.0041EPSS
Exploits0References1
CVE
CVE
added 6 days ago8 views

CVE-2026-51601

The CVE describes a stack-based buffer overflow in the RTSP service of Tenda CP3 V3.0 firmware (version V31.1.9.91). The flaw arises from insufficient validation of the clock= value in the Range header during a PLAY request, enabling an unauthenticated remote attacker who has completed a standard...

7.5CVSS6.4AI score0.0041EPSS
Exploits0References1
Cvelist
Cvelist
added 6 days ago29 views

CVE-2026-51604

A stack-based buffer overflow vulnerability in the RTSP service of Tenda CP3 V3.0 firmware V31.1.9.91 allows an unauthenticated remote attacker to cause a denial of service via a crafted PLAY request...

0.0041EPSS
Exploits0References1
EUVD
EUVD
added 2026/07/02 2:21 a.m.11 views

EUVD-2026-41232

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/07/02 2:21 a.m.8 views

CVE-2026-57270

GeoWebPlayer also called "Web Plugin" in the GV-VMS documentation and "WS Player" for VMS-Cloud is an addon that can be installed with various GeoVision software GV-VMS, GV-Cloud, .... It creates a websocket server that expands the capabilities of the various web-interfaces provided by the...

8.3CVSS5.8AI score0.0022EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder