Lucene search
K

3866 matches found

CVE
CVE
added 2026/02/25 7:2 a.m.16 views

CVE-2026-3168

CVE-2026-3168 affects Tenda F453 version 1.0.0.3. The flaw is in the httpd component’s fromNatStaticSetting function (file /goform/NatStaticSetting). Manipulating the argument page can cause a buffer overflow. The issue may be exploitable remotely and public exploits exist. CVSS-derived metrics i...

9CVSS6.1AI score0.03248EPSS
Exploits2References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/02/25 2:33 a.m.5 views

CVE-2026-27615

ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the ManualAdbPath settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention UNC path in the application's settings file. This...

8.8CVSS5.8AI score0.00207EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2026/02/25 12:0 a.m.6 views

PT-2026-21883

Name of the Vulnerable Software and Affected Versions Tenda F453 version 1.0.0.3 Description A flaw exists in the Tenda F453 router’s httpd component. Specifically, the fromNatStaticSetting function, accessible via the /goform/NatStaticSetting API endpoint, is susceptible to a buffer overflow. Th...

9CVSS7.5AI score0.03248EPSS
Exploits2References14
CNNVD
CNNVD
added 2026/02/25 12:0 a.m.8 views

Tenda F453 安全漏洞

The Tenda F453 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.3 of the Tenda F453 contains a security vulnerability. This vulnerability stems from the improper handling of the page parameter in the fromNatStaticSetting function within the httpd component or the...

9CVSS7.5AI score0.03248EPSS
Exploits2References5
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/02/24 2:18 p.m.10 views

Malicious code in modify-setting (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48505e42b99b10152a5e8587fc88350de886a6ff02ca5b70ada3d90c9a7e980f The package modify-setting was found to contain malicious code. Source: ghsa-malware 3420a3d9050f94ba247ff8853e7a7f98ee33ca16a7beda959c53463992b65c24...

5.9AI score
Exploits0References1
Snyk
Snyk
added 2026/02/24 2:18 p.m.3 views

Malicious Package

Overview modify-setting is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package...

9.8CVSS5.6AI score
Exploits0References2
OSV
OSV
added 2026/02/24 2:18 p.m.5 views

MAL-2026-1010 Malicious code in modify-setting (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 48505e42b99b10152a5e8587fc88350de886a6ff02ca5b70ada3d90c9a7e980f The package modify-setting was found to contain malicious code. Source: ghsa-malware 3420a3d9050f94ba247ff8853e7a7f98ee33ca16a7beda959c53463992b65c24...

5.9AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/24 1:44 a.m.6 views

CVE-2025-70043

An issue pertaining to CWE-295: Improper Certificate Validation was discovered in Ayms node-To master. The application disables TLS/SSL certificate validation by setting 'rejectUnauthorized': false in TLS socket options...

9.1CVSS5.3AI score0.00183EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/02/24 12:0 a.m.7 views

Zyxel VMG3625-T50B和Zyxel WX3100-T0 代码问题漏洞

Both Zyxel VMG3625-T50B and Zyxel WX3100-T0 are products of the Chinese company Zyxel. Zyxel VMG3625-T50B is a Wi-Fi device. Zyxel WX3100-T0 is a wireless bridge. There are code vulnerabilities in versions of Zyxel VMG3625-T50B 5.50ABPM.9.6C0 and earlier, as well as Zyxel WX3100-T0 5.50ABVL.4.8C0...

4.9CVSS5.9AI score0.01124EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/02/22 7:11 p.m.12 views

CVE-2026-2874

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published a...

9CVSS8.7AI score0.00568EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/02/21 8:32 p.m.24 views

CVE-2026-2884 D-Link DWR-M960 WAN Interface Setting formWanConfigSetup sub_41914C stack-based overflow

A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible...

9CVSS0.00728EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/21 8:32 p.m.4 views

CVE-2026-2884

A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible...

9CVSS6.2AI score0.00728EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2026/02/21 6:15 p.m.4 views

CVE-2026-2874

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published a...

8.8CVSS6.4AI score0.00568EPSS
Exploits1References5
NVD
NVD
added 2026/02/21 6:15 p.m.18 views

CVE-2026-2874

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published a...

9CVSS0.00568EPSS
Exploits1References5
Vulnrichment
Vulnrichment
added 2026/02/21 5:32 p.m.5 views

CVE-2026-2874 Tenda A21 fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published a...

9CVSS6.1AI score0.00568EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/02/21 5:32 p.m.6 views

CVE-2026-2874

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published a...

9CVSS6.3AI score0.00568EPSS
Exploits1References5Affected Software1
Cvelist
Cvelist
added 2026/02/21 5:32 p.m.16 views

CVE-2026-2874 Tenda A21 fast_setting_wifi_set form_fast_setting_wifi_set stack-based overflow

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published a...

9CVSS0.00568EPSS
Exploits1References5
CVE
CVE
added 2026/02/21 7:24 a.m.14 views

CVE-2026-27469

Isso is a lightweight Python/JavaScript commenting server affected by a stored XSS in commits prior to 0afbfe0691ee237963e8fb0b2ee01c9e55ca2144. The vulnerability affects the website field and author comments because quotes were not properly escaped; the frontend inserts the website value into a ...

6.1CVSS5.7AI score0.00216EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/21 5:40 a.m.5 views

CVE-2026-26046 Moodle: moodle: improper input sanitization in tex filter administration setting

A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator coul...

7.2CVSS5.5AI score0.02202EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/02/21 5:40 a.m.25 views

CVE-2026-26046 Moodle: moodle: improper input sanitization in tex filter administration setting

A vulnerability was found in a Moodle TeX filter administrative setting where insufficient sanitization of configuration input could allow command injection. On sites where the TeX filter is enabled and ImageMagick is installed, a maliciously crafted setting value entered by an administrator coul...

7.2CVSS0.02202EPSS
Exploits0References2
Rows per page
Query Builder