3866 matches found
PT-2026-35668
The Check & Log Email WordPress plugin before 2.0.13 does not properly handle email replacement, which could allow unauthenticated users to perform Stored XSS attacks when the email encoder setting is enabled...
CVE-2026-6999
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-7080 Tenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2026-7080 Tenda F456 httpd PPTPUserSetting fromPPTPUserSetting buffer overflow
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2026-7080
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2026-7080
This CVE affects Tenda F456 devices running version 1.0.0.5, where the httpd component’s file /goform/PPTPUserSetting contains the function fromPPTPUserSetting. The vulnerability arises from manipulation of the delno argument, leading to a buffer overflow. The issue is exploitable remotely and ha...
EUVD-2026-25763
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...
PT-2026-35343
A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the component httpd. Such manipulation of the argument delno leads to buffer overflow. The attack may be launched remotely. The exploit has been...
Tenda F456 缓冲区错误漏洞
The Tenda F456 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.5 of the Tenda F456 contains a buffer overflow vulnerability. This vulnerability stems from improper handling of the parameter delno in the fromPPTPUserSetting function within the httpd component’s...
Linux Distros Unpatched Vulnerability : CVE-2026-42038
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Axios is a promise based HTTP client for the browser and Node.js. Prior to 1.15.1 and 0.31.1, he fix for noproxy hostname normalization bypass is incomplete. Wh...
CVE-2026-6999
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-6999
The CVE-2026-6999 entry concerns BIVOCOM TR321 firmware 21.1.1.50. Affected is an unknown functionality in the Wireless Setting component where manipulating the Network Name SSID triggers cross-site scripting. The vulnerability is exploitable remotely, and an exploit has been published. There is ...
CVE-2026-6999 BIVOCOM TR321 Wireless Setting cross site scripting
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-6999
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...
EUVD-2026-25673
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...
CVE-2026-6999 BIVOCOM TR321 Wireless Setting cross site scripting
A flaw has been found in BIVOCOM TR321 21.1.1.50. Affected by this vulnerability is an unknown functionality of the component Wireless Setting. This manipulation of the argument Network Name SSID causes cross site scripting. The attack is possible to be carried out remotely. The exploit has been...
Bivocom TR321 跨站脚本漏洞
Bivocom TR321 is a wireless communication terminal device developed by Bivocom Corporation in China, designed for industrial IoT scenarios. Version 21.1.1.50 of Bivocom TR321 contains a cross-site scripting vulnerability. This vulnerability stems from operations involving the Network Name SSID...
PT-2026-35174
Name of the Vulnerable Software and Affected Versions BIVOCOM TR321 version 21.1.1.50 Description A flaw in the Wireless Setting component allows for remote cross-site scripting XSS, which is a technique where malicious scripts are injected into trusted websites. This occurs through the...
Linux kernel 安全漏洞
The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from improper state checking in the rxrpc service challenge phase. This vulnerability may lead to...
GHSA-H829-5CG7-6HFF gitverify has improper tag signature verification
gitverify is still a prototype. Impact The bug is related to requireSignedTags which is on by default: an unsigned annotated tag would pass the verification. The commit pointed to by the tag would still have to be signed by a maintainer or a contributor. Patches Since the initial commit, fixed in...