CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CVE•added yesterday•11 views

CVE-2026-43924

Summary: CVE-2026-43924 affects FOSSBilling prior to v0.8.0, where the Redirect module does not validate URL schemes for administrator-configured redirect targets, allowing open redirects. This can cause legitimate user traffic to be redirected to attacker-controlled sites via a 301 response (bro...

4.8CVSS5.9AI score

EUVD•added yesterday•3 views

EUVD-2026-34176

4.8CVSS5.9AI score

Cvelist•added yesterday•10 views

CVE-2026-43924 FOSSBilling has an open redirect via administrator-configured redirect targets

4.8CVSS

ATTACKERKB•added yesterday•1 views

CVE-2026-20230

A vulnerability in Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an unauthenticated, remote attacker to conduct server-side request forgery SSRF attacks through an affected device. This vulnerability ...

8.6CVSS5.8AI score

Cvelist•added yesterday•13 views

CVE-2024-47263

An improper limitation of a pathname to a restricted directory 'Path Traversal' vulnerability in Backup.Repository webapi component in Synology Hyper Backup before 4.1.2-4036 allows remote authenticated users with administrator privileges to write specific files containing non-sensitive informati...

4.1CVSS

NVD•added yesterday•5 views

CVE-2026-35085

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

8.8CVSS

NVD•added yesterday•5 views

CVE-2026-35080

The ugw-restoreinfo method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

NVD•added yesterday•4 views

CVE-2026-35083

A remote attacker with user privileges can exploit a stack buffer overflow to gain full system access as root...

8.8CVSS

NVD•added yesterday•8 views

CVE-2026-35081

The ugw-logstop method allows a remote attacker with user privileges to terminate arbitrary processes due to insufficient validation of user-supplied input...

NVD•added yesterday•4 views

CVE-2026-35076

The bac-scanresult method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

NVD•added yesterday•4 views

CVE-2026-35077

The ugw-delete-file method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

NVD•added yesterday•5 views

CVE-2026-35078

The ugw-logstop method allows a remote attacker with user privileges to delete arbitrary local files due to insufficient validation of user-controlled input...

Vulnrichment•added yesterday•1 views

CVE-2026-35085 Stack buffer overflow in method gdv-serverconfig

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

EUVD•added yesterday•5 views

EUVD-2026-34081

A remote attacker with user privileges can exploit a stack buffer overflow in gdv-serverconfig to gain full system access as root...

CVE•added yesterday•6 views

CVE-2026-35084

A stack buffer overflow in the component dali-devconfig can be exploited remotely to escalate privileges. The vulnerability allows a remote attacker with user privileges to obtain full system access as root. The linked CVSS metrics indicate a high-severity issue (CVSS v4.0 base score 8.7; CVSS v3...

ATTACKERKB•added yesterday•2 views

CVE-2026-35084

A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root...

Cvelist•added yesterday•9 views

CVE-2026-35084 Stack buffer overflow in method dali-devconfig

A remote attacker with user privileges can exploit a stack buffer overflow in dali-devconfig to gain full system access as root...

8.8CVSS