CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

36 matches found

EUVD•added 2026/03/16 3:30 p.m.•1 views

EUVD-2026-12264

A vulnerability has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. This impacts the function...

6.5CVSS5.4AI score0.00123EPSS

Exploits1References10

NVD•added 2026/03/16 2:20 p.m.•1 views

CVE-2026-4196

9.8CVSS0.00123EPSS

Exploits1References9

CNNVD•added 2026/03/16 12:0 a.m.•2 views

D-Link多款产品命令注入漏洞

D-Link DNS-320, etc., are products of D-Link Corporation from China. The D-Link DNS-320 is a NAS Network Attached Storage device. The D-Link DNS-120 is a network storage adapter. The D-Link DNS-315L is a network attached storage device. Several D-Link products have command injection...

9.8CVSS6.6AI score0.00123EPSS

Exploits1References9

Cvelist•added 2026/03/15 11:32 p.m.•32 views

CVE-2026-4196 D-Link DNS-1550-04 remote_backup.cgi cgi_set_rsync_server command injection

6.5CVSS0.00123EPSS

Exploits1References9

EUVD•added 2025/11/27 12:30 a.m.•2 views

EUVD-2020-30819

ESCAM QD-900 WIFI HD cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint allows remote download of a compressed configuration backup without requiring authentication or authorization. The exposed backup can include...

8.7CVSS6.3AI score0.00355EPSS

Exploits0References4

NVD•added 2025/11/26 11:15 p.m.•2 views

CVE-2020-36871

8.7CVSS0.00355EPSS

Exploits0References3

Cvelist•added 2025/11/26 10:13 p.m.•6 views

CVE-2020-36873 Astak CM-818T3 Unauthenticated Configuration Disclosure

Astak CM-818T3 2.4GHz wireless security surveillance cameras contain an unauthenticated configuration disclosure vulnerability in the /web/cgi-bin/hi3510/backup.cgi endpoint. The endpoint permits remote download of a compressed configuration backup without requiring authentication or authorizatio...

8.7CVSS0.00314EPSS

Exploits0References2

CNNVD•added 2025/11/26 12:0 a.m.•2 views

Astak CM-818T3 访问控制错误漏洞

The Astak CM-818T3 is a wireless security camera from Astak. The Astak CM-818T3 suffers from an Access Control Error vulnerability that originates in the /web/cgi-bin/hi3510/backup.cgi endpoint to remotely download a compressed configuration backup without authentication, which could lead to...

8.7CVSS6.6AI score0.00314EPSS

Exploits0References3

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-43943

Malicious code in bioql PyPI...

9.1CVSS8.6AI score0.00322EPSS

Exploits0References1

Veeam•added 2025/09/03 12:0 a.m.•8 views

Console Connection to Veeam Software Appliance Unstable When IPv6 is Disabled

Challenge When IPv6 has been disabled in the Veeam Host Management Console settings, actions within the Veeam Backup & Replication Console on a remote machine may be slow to initiate or fail if IPv6 has not also been disabled in the Console settings. Cause This issue occurs when the IPv6...

7AI score

Exploits0Affected Software1

RedhatCVE•added 2025/05/23 3:49 a.m.•5 views

CVE-2023-3267

When adding a remote backup location, an authenticated user can pass arbitrary OS commands through the username field. The username is passed without sanitization into CMD running as NT/Authority System. An authenticated attacker can leverage this vulnerability to execute arbitrary code with...

9.1CVSS7.8AI score0.00322EPSS

Exploits0References1

Fedora•added 2023/12/19 2:19 a.m.•15 views

[SECURITY] Fedora 38 Update: rdiff-backup-2.2.6-3.fc38

rdiff-backup is a script, written in Python, that backs up one directory to another and is intended to be run periodically nightly from cron for instance. The target directory ends up a copy of the source directory, but extra reverse diffs are stored in the target directory, so you can still...

8.8CVSS7.7AI score0.00047EPSS

Exploits0

Fedora•added 2023/12/19 1:12 a.m.•16 views

[SECURITY] Fedora 39 Update: rdiff-backup-2.2.6-3.fc39

8.8CVSS7.7AI score0.00047EPSS

Exploits0

Huntr•added 2023/08/19 10:50 p.m.•22 views

Cross-site Scripting (XSS) - Stored

Description 1. Go to Setting Server == Choose Configuare. 2. Continue to choose backup == Remote Backup. 3. Inject the payload into the fields host,port,username... Proof of Concept link ProC : https://drive.google.com/file/d/1DcCMP9lT93HYNO3RzGllCVu3Mgk7yfK/view?usp=sharing Payload payload = "im...

4.9CVSS7AI score0.00079EPSS

Exploits1

OSV•added 2023/08/14 5:15 a.m.•3 views

CVE-2023-3267

8.8CVSS6.1AI score0.00322EPSS

Exploits0References1

Prion•added 2023/08/14 5:15 a.m.•15 views

Design/Logic Flaw

6.5CVSS8.8AI score0.00322EPSS

Exploits0References1Affected Software1

CVE•added 2023/08/14 4:11 a.m.•37 views

CVE-2023-3267

CVE-2023-3267 affects CyberPower PowerPanel Enterprise DCIM. The vulnerability is an OS command injection where an authenticated user can place arbitrary commands in the username field, which is passed un-sanitized into CMD running with SYSTEM privileges. This yields authenticated remote code exe...

9.1CVSS8.8AI score0.00322EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2023/08/14 4:11 a.m.•11 views

CVE-2023-3267

9.1CVSS7.8AI score0.00322EPSS

Exploits0References1

Fedora•added 2023/03/26 12:30 a.m.•25 views

[SECURITY] Fedora 38 Update: tar-1.34-8.fc38

The GNU tar program saves many files together in one archive and can restore individual files or all of the files from that archive. Tar can also be used to add supplemental files to an archive and to update or list files in the archive. Tar includes multivolume support, automatic archive...

5.5CVSS7.7AI score0.00047EPSS

Exploits1

Fedora•added 2023/03/23 1:34 a.m.•27 views

[SECURITY] Fedora 37 Update: tar-1.34-6.fc37

5.5CVSS7.7AI score0.00047EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by