Lucene search
K

74117 matches found

RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.4 views

CVE-2026-5684

A vulnerability was determined in Tenda CX12L 16.03.53.12. Affected by this issue is the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter. Executing a manipulation of the argument page can lead to stack-based buffer overflow. The attack requires access to the local...

8.6CVSS7.7AI score0.00618EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 11:1 p.m.5 views

CVE-2026-5685

A vulnerability was identified in Tenda CX12L 16.03.53.12. This affects the function fromAddressNat of the file /goform/addressNat. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit is publicly available and might be used...

9CVSS7.9AI score0.00694EPSS
Exploits1References1
EUVD
EUVD
added 2026/04/07 9:32 p.m.6 views

EUVD-2025-209282

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS6.2AI score0.00243EPSS
Exploits1References2
PyPA
PyPA
added 2026/04/07 8:16 p.m.9 views

PYSEC-2026-60

FastFeedParser is a high performance RSS, Atom and RDF parser. Prior to 0.5.10, when parse fetches a URL that returns an HTML page containing a tag, it recursively calls itself with the redirect URL — with no depth limit, no visited-URL deduplication, and no redirect count cap. An...

7.5CVSS5.8AI score0.00328EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2026/04/07 8:16 p.m.7 views

CVE-2025-14857

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS0.00243EPSS
Exploits1References1
IBM Security Bulletins
IBM Security Bulletins
added 2026/04/07 8:13 p.m.10 views

Security Bulletin: Multiple Security vulnerabilities affecting IBM Knowledge Catalog Premium Cartridge

Summary Multiple security vulnerabilities impacting IBM Knowledge Catalog Premium Cartridge. These vulnerabilities had been addressed and customers should update to the recommended version of the product at the earliest opportunity. Vulnerability Details CVEID:CVE-2025-4565 DESCRIPTION: Any proje...

9.4CVSS7.4AI score0.01735EPSS
Exploits8Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/07 7:56 p.m.1 views

CVE-2025-14857

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS6.2AI score0.00243EPSS
Exploits1References2
CVE
CVE
added 2026/04/07 7:56 p.m.11 views

CVE-2025-14857

CVE-2025-14857 affects Semtech LoRa LR11xxx transceivers on early firmware versions. The flaw is an improper access control: memory write via the physical SPI interface does not enforce write protection on the program call stack, enabling overwriting of stack memory and limited arbitrary code exe...

5.4CVSS6.2AI score0.00243EPSS
Exploits1References1
Cvelist
Cvelist
added 2026/04/07 7:56 p.m.18 views

CVE-2025-14857 Semtech LR11xx Memory Write Access Control Bypass

An improper access control vulnerability exists in Semtech LoRa LR11xxx transceivers running early versions of firmware where the memory write command accessible via the physical SPI interface fails to enforce write protection on the program call stack. An attacker with physical access to the SPI...

5.4CVSS0.00243EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:3 p.m.14 views

CVE-2026-34992

Antrea is a Kubernetes networking solution intended to be Kubernetes native. Prior to 2.4.5 and 2.5.2, a missing encryption vulnerability affects inter-Node Pod traffic. In Antrea clusters configured for dual-stack networking with IPsec encryption enabled trafficEncryptionMode: ipsec, Antrea fail...

7.5CVSS5.9AI score0.00121EPSS
Exploits0References1
OSV
OSV
added 2026/04/07 2:35 p.m.3 views

SUSE-SU-2026:0910-1 Security update for vim

This update for vim fixes the following issues: Update Vim to version 9.2.0110: - CVE-2025-53906: Fixed that malicious zip archive may cause a path traversal in Vim's zip bsc1246602. - CVE-2026-26269: Fixed Netbeans specialKeys stack buffer overflow bsc1258229. - CVE-2026-28417: Fixed that a...

7.8CVSS7.2AI score0.01162EPSS
Exploits1References17
OSV
OSV
added 2026/04/07 2:33 p.m.4 views

OPENSUSE-SU-2026:20470-1 Security update for libtasn1

This update for libtasn1 fixes the following issues: - CVE-2025-13151: lack of validation of input data size leads to stack-based buffer overflow in asn1expendoctetstring bsc1256341...

7.5CVSS6.4AI score0.01109EPSS
Exploits0References2
SUSE Linux
SUSE Linux
added 2026/04/07 12:25 p.m.3 views

Security update for ImageMagick

This update for ImageMagick fixes the following issues: CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow bsc1259447. CVE-2026-28686:...

8.8CVSS6.1AI score0.00475EPSS
Exploits0References80
OSV
OSV
added 2026/04/07 12:24 p.m.6 views

SUSE-SU-2026:1203-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. - CVE-2026-28494: missing bounds checks in the morphology kernel parsing functions can lead to a stack buffer overflow bsc1259447. -...

8.1CVSS6AI score0.00475EPSS
Exploits0References41
OSV
OSV
added 2026/04/07 12:24 p.m.3 views

SUSE-SU-2026:1202-1 Security update for ImageMagick

This update for ImageMagick fixes the following issues: - CVE-2026-24484: denial of service vulnerability via multi-layer nested MVG to SVG conversion bsc1258790. - CVE-2026-28493: integer overflow in the SIXEL decoder leads to out-of-bounds write bsc1259446. - CVE-2026-28494: missing bounds chec...

9.8CVSS6AI score0.00475EPSS
Exploits0References46
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.3 views

CVE-2026-5614

A security flaw has been discovered in Belkin F9K1015 1.00.10. Impacted is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the...

9CVSS7.7AI score0.00687EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.8 views

CVE-2026-5610

A vulnerability has been found in Belkin F9K1015 1.00.10. Affected by this issue is the function formWISP5G of the file /goform/formWISP5G. Such manipulation of the argument webpage leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed ...

9CVSS7.6AI score0.00687EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.7 views

CVE-2026-5609

A flaw has been found in Tenda i12 1.0.0.113862. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wlradio causes stack-based buffer overflow. It is possible to initiate the...

9CVSS7.7AI score0.00632EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.5 views

CVE-2026-5613

A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the function formReboot of the file /goform/formReboot. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be...

9CVSS7.8AI score0.00687EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.3 views

CVE-2025-54328

An issue was discovered in SMS in Samsung Mobile Processor, Wearable Processor, and Modem Exynos 980, 990, 850, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 1580, 2500, 9110, W920, W930, W1000, Modem 5123, Modem 5300, and Modem 5400. A Stack-based Buffer Overflow occurs while parsing SMS RP-DA...

10CVSS5.9AI score0.0052EPSS
Exploits1References1
Rows per page
Query Builder