CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

RedhatCVE•added 2026/06/01 4:3 p.m.•13 views

CVE-2026-10189

A vulnerability has been found in Tenda W12 3.0.0.74763. This vulnerability affects the function cgiSysTimeInfoSet of the file /bin/httpd. The manipulation of the argument sec leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to t...

9CVSS6.2AI score0.00503EPSS

RedhatCVE•added 2026/06/01 4:3 p.m.•12 views

CVE-2026-10192

A vulnerability was identified in Tenda W12 3.0.0.74763. The affected element is the function setlocaltime0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

9CVSS6.4AI score0.00503EPSS

RedhatCVE•added 2026/06/01 4:3 p.m.•12 views

CVE-2026-10159

A weakness has been identified in TRENDnet TEW-432BRP 3.10B20. Affected by this vulnerability is the function formSysLog of the file /goform/formSysLog. This manipulation of the argument currentpage causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been mad...

9CVSS6.3AI score0.00463EPSS

RedhatCVE•added 2026/06/01 4:2 p.m.•9 views

CVE-2026-10123

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. This impacts the function formSetDomainFilter of the file /goform/formSetDomainFilter. Performing a manipulation of the argument blockeddomain/permitteddomain/blockeddomainlist/permitteddomainlist results in stack-based buffer overflow. It...

9CVSS6.2AI score0.00472EPSS

EUVD•added 2026/06/01 4:0 p.m.•11 views

EUVD-2026-33661

A vulnerability has been found in a4m4 Student-Management-System up to f0c5f6842c5e8c431ff02b5260a565ca844df3a0. The impacted element is an unknown function of the file admin/deleteform.php. Such manipulation of the argument sid leads to improper authorization. It is possible to launch the attack...

6.9CVSS6.2AI score0.00307EPSS

Cvelist•added 2026/06/01 4:0 p.m.•27 views

CVE-2026-10272 a4m4 Student-Management-System deleteform.php improper authorization

6.9CVSS0.00307EPSS

Vulnrichment•added 2026/06/01 4:0 p.m.•13 views

CVE-2026-10272 a4m4 Student-Management-System deleteform.php improper authorization

6.9CVSS5.4AI score0.00307EPSS

CVE•added 2026/06/01 4:0 p.m.•19 views

CVE-2026-10272

CVE-2026-10272 affects the a4m4 Student-Management-System. The vulnerability is in an unknown function within admin/deleteform.php, where manipulating the argument sid leads to improper authorization. It can be exploited remotely, and public disclosures exist. Version details for affected/updated...

6.9CVSS6.2AI score0.00307EPSS

CVE•added 2026/06/01 3:30 p.m.•18 views

CVE-2026-10270

The vulnerability CVE-2026-10270 affects D-Link DI-7001 MINI (up to firmware 19.09.19A1). The issue is a stack-based overflow in the API component, specifically the sprintf usage in /httpd_debug.asp where an attacker can manipulate the Time argument. This allows a remote attacker to potentially e...

9CVSS7.7AI score0.00687EPSS

Exploits1References7Affected Software1

EUVD•added 2026/06/01 3:30 p.m.•13 views

EUVD-2026-33693

A vulnerability was detected in D-Link DI-7001 MINI up to 19.09.19A1. Impacted is the function sprintf of the file /httpddebug.asp of the component API. The manipulation of the argument Time results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public...

9CVSS7.7AI score0.00687EPSS

Exploits1References7

Cvelist•added 2026/06/01 3:30 p.m.•27 views

CVE-2026-10270 D-Link DI-7001 MINI API httpd_debug.asp sprintf stack-based overflow

9CVSS0.00687EPSS

Exploits1References7

NVD•added 2026/06/01 3:16 p.m.•9 views

CVE-2026-10265

A vulnerability was identified in itsourcecode Content Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/edittopic.php. Such manipulation of the argument topicid leads to sql injection. The attack may be launched remotely. The exploit is publicly...

6.5CVSS0.00204EPSS

NVD•added 2026/06/01 3:16 p.m.•13 views

CVE-2026-10261

A flaw has been found in CodeAstro Online Job Portal 1.0. This affects an unknown function of the file /users/applicationstatus.php. Executing a manipulation of the argument ID can lead to sql injection. It is possible to launch the attack remotely. The exploit has been published and may be used...

7.5CVSS0.00263EPSS

NVD•added 2026/06/01 3:16 p.m.•10 views

CVE-2026-10262

A vulnerability has been found in code-projects Real State Services 1.0. This impacts an unknown function of the file /loginuser.php of the component Login. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to th...

7.5CVSS0.00269EPSS

NVD•added 2026/06/01 3:16 p.m.•12 views

CVE-2026-10263

A vulnerability was found in SourceCodester Computer Repair Shop Management System up to 1.0. Affected is an unknown function of the file /admin/products/manageproduct.php. The manipulation of the argument ID results in sql injection. The attack can be launched remotely. The exploit has been made...

7.5CVSS0.00269EPSS

NVD•added 2026/06/01 3:16 p.m.•14 views

CVE-2026-10259

A security vulnerability has been detected in H3C Magic B0 up to 100R002. The affected element is the function SetMobileAPInfoById of the file /goform/aspForm. Such manipulation of the argument param leads to stack-based buffer overflow. The attack may be performed from remote. The exploit has be...

9CVSS0.00484EPSS