
49 matches found

Debian CVE
added 2026/06/26 4:15 p.m., 5 views

CVE-2026-55677

Echo is a Go web framework. Prior to 4.15.3 and 5.2.0, Echo's router and static file handler disagree on URL path decoding. The router matches routes using the raw encoded path preserving %2F as-is, while StaticDirectoryHandler unescapes %2F to / before resolving filesystem paths. This allows an...

CVSS 7.5, AI score 5.8, EPSS 0.0043
Exploits: 0

RedhatCVE
added 2026/06/18 6:54 p.m., 8 views

CVE-2026-33244

A flaw was found in react-router. When using Framework Mode with pre-rendering enabled, an attacker can exploit improper handling of the HTTP Location header value. This can lead to Cross-Site Scripting (XSS), allowing malicious scripts to be injected into statically generated HTML files if the...

CVSS 5.4, AI score 5.2, EPSS 0.00144
Exploits: 0, References: 4

RedhatCVE
added 2026/06/02 10:2 p.m., 12 views

CVE-2026-45632

Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.7 and earlier, the schedule router does not enforce organization/role checks. As a result, any authenticated user can create, update, run, or delete schedules belonging to other organizations if they know the scheduleId/serverId...

CVSS 9.9, AI score 6, EPSS 0.00256
Exploits: 0, References: 1

EUVD
added 2026/05/31 2:30 p.m., 12 views

EUVD-2026-33510

A flaw has been found in Tenda W12 3.0.0.74763. This affects the function cgistaKickOff of the file /bin/httpd. Executing a manipulation of the argument staMac can lead to stack-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used...

CVSS 9, AI score 7.8, EPSS 0.00476
Exploits: 0, References: 6

Positive Technologies
added 2026/05/29 12:0 a.m., 9 views

PT-2026-44936

Dokploy is a free, self-hostable Platform as a Service (PaaS). In 0.26.7 and earlier, the schedule router does not enforce organization/role checks. As a result, any authenticated user can create, update, run, or delete schedules belonging to other organizations if they know the scheduleId/serverId...

CVSS 9.9, AI score 6, EPSS 0.00256
Exploits: 0, References: 2

Positive Technologies
added 2026/05/03 12:0 a.m., 11 views

PT-2026-36685

A security flaw has been discovered in Edimax BR-6208AC 1.02. The impacted element is the function setWAN of the file /goform/setWAN of the component L2TP Mode. The manipulation of the argument L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit ha...

CVSS 6.5, AI score 6.3, EPSS 0.01158
Exploits: 0, References: 5

Positive Technologies
added 2026/03/16 12:0 a.m., 5 views

PT-2026-25785

A security flaw has been discovered in Tenda AC8 16.03.50.11. This affects the function route set user policy rule of the file /cgi-bin/UploadCfg of the component Web Interface. The manipulation of the argument wans.policy.list1 results in os command injection. It is possible to launch the attack...

CVSS 5.8, AI score 5.6, EPSS 0.06532
Exploits: 2, References: 5

ATTACKERKB
added 2026/03/09 7:32 a.m., 4 views

CVE-2026-3809

A flaw has been found in Tenda FH1202 1.2.0.14408. The impacted element is the function fromNatStaticSetting of the file /goform/NatSaticSetting. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...

CVSS 9, AI score 8, EPSS 0.00619
Exploits: 1, References: 5, Affected Software: 1

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-31076

Malicious code in bioql PyPI...

CVSS 8.7, AI score 6.6, EPSS 0.003
Exploits: 0, References: 2

EUVD
added 2025/10/03 8:7 p.m., 6 views

EUVD-2021-7608

Malicious code in bioql PyPI...

CVSS 10, AI score 8.7, EPSS 0.01597
Exploits: 0, References: 1

EUVD
added 2025/10/03 8:7 p.m., 4 views

EUVD-2025-31144

Malicious code in bioql PyPI...

CVSS 6.5, AI score 6.6, EPSS 0.06807
Exploits: 1, References: 6

CNNVD
added 2025/08/14 12:0 a.m., 4 views

KuWFi CPF908-CP5 security vulnerability

KuWFi CPF908-CP5 is a WiFi router from KuWFi China. A security vulnerability exists in the KuWFi CPF908-CP5 WEB5.0LCD20210125 version, which stems from an unauthenticated access control vulnerability that could lead to the disclosure of sensitive information, modification of device settings, and...

CVSS 9.1, AI score 6.8, EPSS 0.00357
Exploits: 0, References: 4

BDU FSTEC
added 2025/05/29 12:0 a.m., 7 views

The vulnerability of the recvUpgradeNewFw() function in TOTOLINK CA600-PoE router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the recvUpgradeNewFw function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level when processing the fwUrl parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

CVSS 6.5, AI score 6, EPSS 0.00884
Exploits: 1, References: 2, Affected Software: 1

BDU FSTEC
added 2025/05/23 12:0 a.m., 7 views

The vulnerability of the NTPSyncWithHost() function in TOTOLINK CA600-PoE router’s software allows a hacker to execute arbitrary code.

The vulnerability of the NTPSyncWithHost function in TOTOLINK CA600-PoE router microprogramming software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

CVSS 6.5, AI score 5.9, EPSS 0.00903
Exploits: 1, References: 3, Affected Software: 1

CNNVD
added 2025/05/06 12:0 a.m., 7 views

D-Link DIR-880L security vulnerability

The D-Link DIR-880L is a dual-band Gigabit wireless router from China's AUO D-Link. The D-Link DIR-880L suffers from a command injection vulnerability, which arises from the failure of the file /htdocs/ssdpcgi in the component Request Header Handler to correctly filter the constructed command...

CVSS 9.8, AI score 7.5, EPSS 0.1651
Exploits: 0, References: 6

CNNVD
added 2025/04/22 12:0 a.m., 4 views

H3C GR-3000AX security vulnerability

The H3C GR-3000AX is an enterprise-grade Wi-Fi 6 wireless router from China's Xinhua San H3C. A security vulnerability exists in H3C GR-3000AX V100R006 and prior versions, which originates from a buffer overflow due to improper handling of the parameter param in multiple functions in...

CVSS 8.6, AI score 8.2, EPSS 0.0049
Exploits: 0, References: 6

CNVD
added 2025/04/02 12:0 a.m., 6 views

Tenda FH1202 Access Control Error Vulnerability (CNVD-2025-08907)

The Tenda FH1202 is a wireless router from Tenda China. The Tenda FH1202 is vulnerable to an access control error vulnerability that stems from improper access control. No detailed vulnerability details are available at this time...

CVSS 6.9, AI score 6.7, EPSS 0.00597
Exploits: 1, References: 1

CNNVD
added 2024/12/10 12:0 a.m., 2 views

TP-LINK WR845N security vulnerability

The TP-LINK WR845N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK WR845N version V4200909 and version V4190219, which originates from transmitting user credentials in plain text after performing a restore of factory settings...

CVSS 9.8, AI score 6.8, EPSS 0.00323
Exploits: 0, References: 1

BDU FSTEC
added 2024/11/19 12:0 a.m., 5 views

The vulnerability in the wizpppoe.cgi script of the microprogramming software for Netgear XR300, R7000P, and R6400 v2 allows a hacker to cause a service failure.

The vulnerability in the wizpppoe.cgi microprogramming software of Netgear XR300, R7000P, and R6400 v2 lies in the copying of buffers without checking the size of input data during the processing of the pppoelocalip parameter. Exploiting this vulnerability allows a malicious actor to cause servic...

CVSS 5.7, AI score 5.5, EPSS 0.00299
Exploits: 0, References: 2, Affected Software: 3

BDU FSTEC
added 2024/11/19 12:0 a.m., 7 views

The vulnerability in the geniepppoe.cgi script of Netgear’s router software models R7000P and R6400 v2 allows a hacker to cause a service failure.

The vulnerability in the geniepppoe.cgi microprogramming software for Netgear XR300, R7000P, and R6400 v2 lies in the copying of buffers without checking the size of input data during the processing of the pppoelocalip parameter. Exploiting this vulnerability allows a malicious actor to cause...

CVSS 5.7, AI score 5.5, EPSS 0.00299
Exploits: 0, References: 2, Affected Software: 3