83 matches found
Exploit for CVE-2026-23744
No d...
EUVD-2026-3227
A security flaw has been discovered in Totolink LR350 9.3.5u.6369B20220309. Impacted is the function setTracerouteCfg of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument command results in command injection. The attack can be launched remotely...
EUVD-2026-2866
Xmind 2020 contains a cross-site scripting vulnerability that allows attackers to inject malicious payloads into mind mapping files or custom headers. Attackers can craft malicious files with embedded JavaScript that execute system commands when opened, enabling remote code execution through mous...
EUVD-2026-2974
Not used...
EUVD-2026-2924
Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the security parameter of the sub4C408 function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...
EUVD-2026-2472
In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...
EUVD-2026-2198
Concurrent execution using shared resource with improper synchronization 'race condition' in Graphics Kernel allows an authorized attacker to elevate privileges locally...
EUVD-2026-2283
In the Linux kernel, the following vulnerability has been resolved: scsi: aic94xx: fix use-after-free in device removal path The asdpciremove function fails to synchronize with pending tasklets before freeing the asdha structure, leading to a potential use-after-free vulnerability. When a device...
EUVD-2026-2347
A vulnerability has been identified in the installation/uninstallation of the Nessus Agent Tray App on Windows Hosts which could lead to escalation of privileges...
EUVD-2026-1219
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themesgrove WidgetKit Pro allows Reflected XSS.This issue affects WidgetKit Pro: from n/a through 1.13.1...
EUVD-2026-1260
EUVD-2026-1260...
EUVD-2026-1065
The Quiz and Survey Master QSM – Easy Quiz and Survey Maker plugin for WordPress is vulnerable to unauthorized loss of data due to a missing capability check on the qsmdashboarddeleteresult function in all versions up to, and including, 10.3.1. This makes it possible for authenticated attackers,...
EUVD-2026-0977
In Modem, there is a possible system crash due to incorrect error handling. This could lead to remote denial of service, if a UE has connected to a rogue base station controlled by the attacker, with no additional execution privileges needed. User interaction is not needed for exploitation. Patch...
EUVD-2026-0079
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0160
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0240
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0270
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0354
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0470
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
EUVD-2026-0548
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...