Lucene search
K

41225 matches found

Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28707

Name of the Vulnerable Software and Affected Versions Open5GS version 2.7.6 Description A security flaw exists in Open5GS 2.7.6, specifically within the CCA Message Handler component and the smf gx cca cb/smf gy cca cb/smf s6b function. This manipulation can lead to a denial of service. The attac...

6.3CVSS5.6AI score0.00566EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.8 views

PT-2026-28698

Name of the Vulnerable Software and Affected Versions SourceCodester Online Quiz System version 1.0 Description A flaw exists in SourceCodester Online Quiz System that allows for cross site scripting. This issue is related to the manipulation of the quiz question argument within the...

5.1CVSS4.7AI score0.00239EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.5 views

PT-2026-28683

A flaw has been found in OpenBMB XAgent 1.0.0. The impacted element is the function FunctionHandler.handle tool call of the file XAgent/function handler.py of the component API Key Handler. This manipulation of the argument api key causes sensitive information in log files. The attack may be...

5.1CVSS5.5AI score0.0028EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.10 views

PT-2026-28679

A weakness has been identified in mingSoft MCMS up to 5.5.0. This issue affects the function catchImage of the file net/mingsoft/cms/action/BaseAction.java of the component Editor Endpoint. Executing a manipulation of the argument catchimage can lead to server-side request forgery. It is possible...

7.5CVSS5.5AI score0.00278EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.12 views

PT-2026-28684

A vulnerability has been found in OpenBMB XAgent 1.0.0. This affects the function ReplayServer.on connect/ReplayServer.send data of the file XAgentServer/application/websockets/replayer.py of the component WebSocket Endpoint. Such manipulation of the argument interaction id leads to authorization...

3.1CVSS5.4AI score0.00383EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.6 views

PT-2026-28681

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in sql injection. The attack can be launched remotely. The exploit has been made public and could ...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.4 views

PT-2026-28690

A security vulnerability has been detected in letta-ai letta 0.16.4. This vulnerability affects the function convert message create to message of the file letta/helpers/message helper.py of the component File URL Handler. Such manipulation of the argument ImageContent leads to server-side request...

6.5CVSS5.5AI score0.00327EPSS
Exploits1References5
Packet Storm
Packet Storm
added 2026/03/27 12:0 a.m.119 views

📄 Generic HTTP Command Execution

This Metasploit module interacts with existing command execution functionality on a target system, where user-supplied input is directly passed to system execution functions via a HTTP request. This could be from an existing vulnerability, or uploaded webshells. It is likely that HTTP evasion...

6.1AI score
Exploits0
NVD
NVD
added 2026/03/26 11:16 p.m.7 views

CVE-2026-4902

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...

9CVSS0.00632EPSS
Exploits1References5
NVD
NVD
added 2026/03/26 11:16 p.m.2 views

CVE-2026-4903

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. Th...

9CVSS0.05461EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/03/26 11:11 p.m.2 views

CVE-2026-4904 Tenda AC5 POST Request setcfm formSetCfm stack-based overflow

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

9CVSS7.9AI score0.00746EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/26 11:11 p.m.2 views

CVE-2026-4904

A vulnerability has been found in Tenda AC5 15.03.06.47. This issue affects the function formSetCfm of the file /goform/setcfm of the component POST Request Handler. Such manipulation of the argument funcpara1 leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

9CVSS8.1AI score0.00746EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2026/03/26 11:11 p.m.9 views

CVE-2026-4904

CVE-2026-4904 affects Tenda AC5 firmware version 15.03.06.47. The flaw resides in the POST handler’s /goform/setcfm function SetCfm, where manipulation of the funcpara1 argument can trigger a stack-based buffer overflow. Exploitation is possible remotely, and public exploit disclosure is noted. T...

9CVSS8.1AI score0.00746EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 10:30 p.m.1 views

CVE-2026-4903 Tenda AC5 POST Request QuickIndex formQuickIndex memory corruption

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. Th...

9CVSS7.9AI score0.05461EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/03/26 10:30 p.m.23 views

CVE-2026-4903 Tenda AC5 POST Request QuickIndex formQuickIndex memory corruption

A flaw has been found in Tenda AC5 15.03.06.47. This vulnerability affects the function formQuickIndex of the file /goform/QuickIndex of the component POST Request Handler. This manipulation of the argument PPPOEPassword causes stack-based buffer overflow. The attack may be initiated remotely. Th...

9CVSS0.05461EPSS
Exploits1References5
CVE
CVE
added 2026/03/26 10:30 p.m.8 views

CVE-2026-4903

CVE-2026-4903 affects the Tenda AC5 (firmware 15.03.06.47). The vulnerability is in the POST /goform/QuickIndex handler function formQuickIndex, where manipulating the PPPOEPassword argument triggers a stack-based buffer overflow. The attack can be mounted remotely, with the exploit published and...

9CVSS8.1AI score0.05461EPSS
Exploits1References5Affected Software1
Vulnrichment
Vulnrichment
added 2026/03/26 10:30 p.m.3 views

CVE-2026-4902 Tenda AC5 POST Request addressNat fromAddressNat memory corruption

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...

9CVSS8AI score0.00632EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/03/26 10:30 p.m.2 views

CVE-2026-4902

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...

9CVSS8.1AI score0.00632EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/03/26 10:30 p.m.21 views

CVE-2026-4902 Tenda AC5 POST Request addressNat fromAddressNat memory corruption

A vulnerability was detected in Tenda AC5 15.03.06.47. This affects the function fromAddressNat of the file /goform/addressNat of the component POST Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is n...

9CVSS0.00632EPSS
Exploits1References5
CVE
CVE
added 2026/03/26 10:30 p.m.15 views

CVE-2026-4902

CVE-2026-4902 concerns the Tenda AC5 firmware (version 15.03.06.47). The issue lies in the POST Request Handler, specifically the function fromAddressNat in /goform/addressNat, where manipulating the argument page leads to a stack-based buffer overflow. This can be exploited remotely, and public ...

9CVSS8.1AI score0.00632EPSS
Exploits1References5Affected Software1
Rows per page
Query Builder