Lucene search
K

1130 matches found

Cvelist
Cvelist
added 2026/05/09 5:15 p.m.39 views

CVE-2026-8190 Wavlink NU516U1 adm.cgi wan os command injection

A vulnerability was determined in Wavlink NU516U1 M16U1V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument pppusername/ppppasswd/rwanip/rwanmask/rwangateway is directly passed by the attacker/so we can control the...

6.5CVSS0.05344EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2026/05/09 12:0 a.m.16 views

PT-2026-39401

A vulnerability was determined in Wavlink NU516U1 M16U1 V240425. Affected by this issue is the function wan of the file /cgi-bin/adm.cgi. This manipulation of the argument ppp username/ppp passwd/rwan ip/rwan mask/rwan gateway is directly passed by the attacker/so we can control the ppp...

6.5CVSS6.4AI score0.05344EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2026/05/04 8:21 p.m.6 views

CVE-2026-7683

A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/05/03 6:30 a.m.6 views

CVE-2026-7683 Edimax BR-6428nC Web setWAN command injection

A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS5.5AI score0.01543EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/05/03 6:30 a.m.7 views

CVE-2026-7683

A weakness has been identified in Edimax BR-6428nC up to 1.16. This affects an unknown function of the file /goform/setWAN of the component Web Interface. This manipulation of the argument pppUserName/pptpUserName causes command injection. The attack can be initiated remotely. The exploit has bee...

6.5CVSS6.3AI score0.01543EPSS
Exploits0References6Affected Software1
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.8 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013677)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013677 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the...

5.7AI score0.00183EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.5 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-010860)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-010860 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the...

5.9AI score0.00183EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.4 views

Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-007512)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007512 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: associate skb with a device at tx Syzkaller triggered flow dissector warning with the...

5.9AI score0.00183EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/04/13 12:0 a.m.8 views

Tenda F451 安全漏洞

The Tenda F451 is a wireless router produced by the Chinese company Tenda. The version Tenda F451 1.0.0.7cnsvn7958 contains a security vulnerability. This vulnerability arises from improper handling of the parameters “wanmode” and “PPPPassword” in the function fromAdvSetWan within the...

9CVSS7.7AI score0.00511EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/03/30 12:0 a.m.2 views

CVE-2026-34472

Unauthenticated credential disclosure in the wizard interface in ZTE ZXHN H188A V6.0.10P2TE and V6.0.10P3N3TE allows unauthenticated attackers on the local network to retrieve sensitive credentials from the router's web management interface, including the default administrator password, WLAN PSK,...

7.1CVSS5.9AI score0.08943EPSS
Exploits3References3
OSV
OSV
added 2026/03/09 11:40 a.m.14 views

CLSA-2026-1773043650 kernel: Fix of 10 CVEs

ACPICA: Add AMLNOOPERANDRESOLVE flag to Timer CVE-2023-53395 - net: ppp: Add bound checking for skb data on pppsynctxmung CVE-2025-37749 - ata: ahci: Match EMMAXSLOTS with SATAPMPMAXPORTS CVE-2022-50315 - ext2: Check block size validity during mount CVE-2023-53569 - gfs2: Fix possible data races...

7.8CVSS5.8AI score0.00295EPSS
Exploits2References1
OSV
OSV
added 2026/03/09 11:37 a.m.8 views

CLSA-2026-1773056241 kernel: Fix of 21 CVEs

i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...

7.8CVSS7.1AI score0.00319EPSS
Exploits0References1
OSV
OSV
added 2026/03/09 8:59 a.m.12 views

CLSA-2026-1773046740 kernel: Fix of 21 CVEs

i40e: fix IRQ freeing in i40evsirequestirqmsix error path CVE-2025-39911 - media: rc: fix races with imondisconnect CVE-2025-39993 - VMCI: fix race between vmcihostsetupnotify and vmcictxunsetnotify CVE-2025-38102 - partitions: mac: fix handling of bogus partition table CVE-2025-21772 - tracing:...

7.8CVSS7.1AI score0.00319EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.5 views

Unity Linux 20.1070e Security Update: ppp (UTSA-2026-005828)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005828 advisory. The passprompt plugin in pppd in ppp before 2.5.2 mishandles privileges. Tenable has extracted the preceding description block directly from the Unity Linux security...

9.3CVSS6AI score0.00196EPSS
Exploits0References4
Rosalinux
Rosalinux
added 2026/02/16 10:56 a.m.11 views

Advisory ROSA-SA-2026-3184

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.0 unaffected versions = tcpdump-4.9.3-5.rv30 affected versions tcpdump-4.9.3-5.rv30 CVE-ID: CVE-2020-8037 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PPP decoder in tcpdump allows an attacker to cause a large memory allocation...

7.5CVSS7.1AI score0.03071EPSS
Exploits0
Rosalinux
Rosalinux
added 2026/02/16 7:27 a.m.11 views

Advisory ROSA-SA-2026-3164

Software: tcpdump 4.9.3 OS: ROSA Virtualization 3.1 unaffected versions = tcpdump-4.9.3-5.rv31 affected versions tcpdump-4.9.3-5.rv31 CVE-ID: CVE-2020-8037 BDU-ID: None CVE-Crit: HIGH CVE-DESC.: A vulnerability in the PPP decoder in tcpdump allows an attacker to cause a large memory allocation...

7.5CVSS7AI score0.03071EPSS
Exploits0
EUVD
EUVD
added 2026/02/02 4:32 a.m.5 views

EUVD-2026-5152

A vulnerability was found in D-Link DSL-6641K N8.TR069.20131126. Affected by this issue is the function doSubmitPPP of the file sppppoeuser.js. The manipulation of the argument Username results in cross site scripting. The attack may be launched remotely. The exploit has been made public and coul...

4.8CVSS4AI score0.00408EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.5 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005131)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005131 advisory. In the Linux kernel, the following vulnerability has been resolved: ppp: fix pppasyncencode illegal access syzbot reported an issue in pppasyncencode 1 In this case,...

7.1CVSS5.8AI score0.00272EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: ppp (CVE-2022-4603)

The version of ppp installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4603 advisory. - A vulnerability classified as problematic has been found in ppp. Affected is the function dumpppp of the file...

6.5CVSS4.5AI score0.00821EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: kernel (CVE-2025-37749)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2025-37749 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb dat...

7.1CVSS5.7AI score0.00166EPSS
Exploits0References2
Rows per page
Query Builder