CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

23 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: ksmbd: The issue of slub overflow in ksmbddecodentlmsspauthblob has been fixed. If authblob-SessionKey.Length is larger than the size of the session key CIFSKEYSIZE, slub overflow can occur in the key exchange process. The functi...

7.8CVSS6.3AI score0.00478EPSS

Exploits1References2

Vulnrichment•added 2025/10/24 2:9 p.m.•1 views

CVE-2025-43995

Dell Storage Center - Dell Storage Manager, versions 20.1.21, contains an Improper Authentication vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Protection mechanism bypass. Authentication Bypass in DSM Data Collector. An...

9.8CVSS6.6AI score0.00156EPSS

Exploits0References1

EUVD•added 2025/10/24 2:9 p.m.•1 views

EUVD-2025-35853

9.8CVSS6.5AI score0.00156EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•1 views

EUVD-2022-52133

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.00598EPSS

Exploits1References1

Github Security Blog•added 2024/02/21 12:10 a.m.•46 views

MeshCentral cross-site websocket hijacking (CSWSH) vulnerability

We have identified a cross-site websocket hijacking CSWSH vulnerability within the control.ashx endpoint of MeshCentral. This component is the primary mechanism used within MeshCentral to perform administrative actions on the server. To demonstrate the impact of the vulnerability we developed a...

8.8CVSS6.7AI score0.01394EPSS

Exploits1References4Affected Software1

OSV•added 2024/02/21 12:10 a.m.•18 views

GHSA-CP68-QRHR-G9H8 MeshCentral cross-site websocket hijacking (CSWSH) vulnerability

8.3CVSS8.6AI score0.01394EPSS

Exploits1References4

OSV•added 2023/01/11 9:15 p.m.•2 views

CVE-2022-4873

On Netcomm router models NF20MESH, NF20, and NL1902 a stack based buffer overflow affects the sessionKey parameter. By providing a specific number of bytes, the instruction pointer is able to be overwritten on the stack and crashes the application at a known location...

9.8CVSS6AI score

Exploits0References2

Prion•added 2023/01/11 9:15 p.m.•16 views

Stack overflow

7.5CVSS9.6AI score0.00598EPSS

Exploits1References1Affected Software3

Cvelist•added 2023/01/11 8:39 p.m.•21 views

CVE-2022-4873 Stack based overflow on Netcomm router models NF20MESH, NF20, and NL1902

9.9AI score0.00598EPSS

Exploits1References1

Vulnrichment•added 2023/01/11 8:39 p.m.•4 views

CVE-2022-4873 Stack based overflow on Netcomm router models NF20MESH, NF20, and NL1902

9.7AI score0.00598EPSS

Exploits1References1

CVE•added 2023/01/11 8:39 p.m.•191 views

CVE-2022-4873

CVE-2022-4873 is a stack-based buffer overflow in the Netcomm NF20MESH, NF20, and NL1902 sessionKey handling that can overwrite the instruction pointer and crash the app. Related CVE-2022-4874 is an authentication bypass; together these flaws enable remote code execution when exploited in affecte...

9.8CVSS9.8AI score0.00598EPSS

In wildExploits1References2Affected Software1

ATTACKERKB•added 2023/01/11 12:0 a.m.•39 views

CVE-2022-4873

9.8CVSS4.5AI score0.00598EPSS

In wildExploits1References2

CNNVD•added 2023/01/11 12:0 a.m.•1 views

Netcomm路由器缓冲区错误漏洞

The Netcomm NF20 and Netcomm NF20MESH are both routers from Netcomm Australia. The Netcomm routers have a security vulnerability that stems from its sessionKey parameter that allows an attacker to achieve a stack-based buffer overflow and crash an application at a known location by supplying a...

9.8CVSS9.1AI score0.00598EPSS

Exploits1References2

Positive Technologies•added 2022/11/11 12:0 a.m.•2 views

PT-2022-6233 · Netcomm · Netcomm Nf20Mesh +2

Name of the Vulnerable Software and Affected Versions: Netcomm NF20MESH versions Netcomm NF20 versions Netcomm NL1902 versions Description: A stack-based buffer overflow issue affects the sessionKey parameter, allowing a remote attacker to potentially execute arbitrary code by providing a specifi...

9.8CVSS8.3AI score0.00842EPSS

Exploits2References9

NVD•added 2021/01/26 6:16 p.m.•9 views

CVE-2021-3304

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI...

9.8CVSS9.7AI score0.00512EPSS

Exploits1References1

OSV•added 2021/01/26 6:16 p.m.•1 views

CVE-2021-3304

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI...

9.8CVSS6.1AI score

Exploits0References1

Prion•added 2021/01/26 6:16 p.m.•16 views

Buffer overflow

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI...

7.5CVSS9.6AI score0.00512EPSS

Exploits1References1Affected Software1

Cvelist•added 2021/01/26 6:5 a.m.•15 views

CVE-2021-3304

Sagemcom F@ST 3686 v2 3.495 devices have a buffer overflow via a long sessionKey to the goform/login URI...

9.9AI score0.00512EPSS

Exploits1References1

CVE•added 2021/01/26 6:5 a.m.•50 views

CVE-2021-3304

CVE-2021-3304 affects Sagemcom F@ST 3686 v2 with firmware 3.495; a buffer overflow is triggered by a long sessionKey to the /goform/login URI. Connected documents confirm the affected product and input vector, but do not provide exploitation details or remediation steps in the supplied material.

9.8CVSS9.6AI score0.00512EPSS

Exploits1References1Affected Software1

Cvelist•added 2017/10/17 4:0 p.m.•11 views

CVE-2014-8357

backupsettings.html in the web administrative portal in Zhone zNID GPON 2426A before S3.0.501 places a session key in a URL, which allows remote attackers to obtain arbitrary user passwords via the sessionKey parameter in a getConfig action to backupsettings.conf...

8.7AI score0.18268EPSS

Exploits4References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by