12 matches found
CVE-2026-40434 Anviz CrossChex Standard Improper Verification of Source of a Communication Channel
Anviz CrossChex Standard lacks source verification in the client/server channel, enabling TCP packet injection by an attacker on the same network to alter or disrupt application traffic...
CVE-2026-34119
CVE-2026-34119 — TP-Link Tapo C520WS (v2.6) shows a heap-based buffer overflow in the HTTP parsing loop when appending segmented request bodies, due to insufficient boundary validation for externally supplied HTTP input. The issue can allow heap memory corruption on the device when an attacker on...
PT-2026-2148
Name of the Vulnerable Software and Affected Versions Tenda 300Mbps Wireless Router F3 Tenda N300 Easy Setup Router Description The routers transmit credentials using reversible Base64 encoding through the web-based administrative interface. An attacker on the same network can intercept network...
CVE-2025-10495
A potential vulnerability was reported in the Lenovo PC Manager, Lenovo App Store, Lenovo Browser, and Lenovo Legion Zone client applications that, under certain conditions, could allow an attacker on the same logical network to execute arbitrary code...
PT-2025-46691
Name of the Vulnerable Software and Affected Versions Lenovo Scanner pro affected versions not specified Description An issue was identified in the Lenovo Scanner pro application that, in certain situations, could allow an attacker on the same network to access sensitive user files from the...
CVE-2023-3348
The Wrangler command line tool [email protected] or [email protected] was affected by a directory traversal vulnerability when running a local development server for Pages wrangler pages dev command. This vulnerability enabled an attacker in the same network as the victim to connect to the local...
VulnCheck KEV: CVE-2021-21974
OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue...
Lindy 42633 Denial of Service Vulnerability
The Lindy 42633 is a 4-port USB 2.0 Gigabit network server. A denial of service vulnerability exists in the Lindy 42633 2.078.000. An attacker on the same network can exploit this vulnerability by entering a long value to cause the device to deny service...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
CVE-2020-5546
Improper Neutralization of Argument Delimiters in a Command 'Argument Injection' vulnerability in TCP function included in the firmware of Mitsubishi Electric MELQIC IU1 series IU1-1M20-D firmware version 1.0.7 and earlier allows an attacker on the same network segment to stop the network functio...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...
kernel: heap overflow in mwifiex_update_vs_ie() function of Marvell WiFi driver
A vulnerability was found in the Linux kernel's Marvell WiFi chip driver. Where, while parsing vendor-specific informational attributes, an attacker on the same WiFi physical network segment could cause a system crash, resulting in a denial of service, or potentially execute arbitrary code. This...