4642 matches found
CVE-2026-22103
The NPC start endpoint on the web server at port 8090 is vulnerable to command injection...
EUVD-2026-43314
A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub2D568 of the component startjffs2. Performing a manipulation of the argument jffs2exec results in os command injection. Remote exploitation of the attack is possible. The exploit has be...
CVE-2026-15546
A security flaw has been discovered in Shibby Tomato up to 1.28.0000. Affected by this issue is the function sub2D568 of the component startjffs2. Performing a manipulation of the argument jffs2exec results in os command injection. Remote exploitation of the attack is possible. The exploit has be...
CVE-2026-22103 Command injection in NPC start web endpoint
The NPC start endpoint on the web server at port 8090 is vulnerable to command injection...
CVE-2026-22103
CVE-2026-22103 : The NPC start endpoint on the web server listening at port 8090 is vulnerable to command injection. The public CVSS v4.0 metrics indicate a base score of 9.3 (CRITICAL) with network attack vector, low attack complexity, no privileges required, and no user interaction. Impacts are...
CVE-2026-15546
The CVE-2026-15546 entry describes a remote OS command injection in Shibby Tomato up to 1.28.0000. Affected component: start_jffs2, function sub_2D568. Exploitation involves manipulating the argument jffs2_exec; exploit is public and may be used for attacks. CVSS data indicate network access with...
CVE-2026-15480
A vulnerability was identified in Trendnet TEW-635BRM up to 1.00.03. This affects the function starthttpd of the file /sbin/rc of the component Web Service. Such manipulation of the argument devicename leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is...
CVE-2026-47840
A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA, then harvest the LDAP bind password and every end-user password sent during simple-bind authentication, and return forged group memberships that grant themselv...
EUVD-2026-42518
A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA, then harvest the LDAP bind password and every end-user password sent during simple-bind authentication, and return forged group memberships that grant themselv...
CVE-2026-47840
A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA, then harvest the LDAP bind password and every end-user password sent during simple-bind authentication, and return forged group memberships that grant themselv...
PT-2026-56709
Name of the Vulnerable Software and Affected Versions UAA versions prior to v78.13.0 Cf-deployment versions prior to v56.2.0 Description A network attacker positioned between UAA and its LDAP directory can impersonate the directory using any certificate from any trusted CA. This allows the attack...
EUVD-2026-42292
An OS command injection vulnerability exists in the startlltd function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The machinename configuration parameter is not properly sanitized, which could allow an authenticated remote...
CVE-2026-24700
An OS command injection vulnerability exists in the startlltd function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The machinename configuration parameter is not properly sanitized, which could allow an authenticated remote...
CVE-2026-24697
An OS command injection vulnerability exists in the startbonjour function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wanhostname configuration parameter is not properly sanitized, which could allow an authenticated remot...
CVE-2026-56775 n8n - Incorrect OAuth Scope Validation in Evaluation Test Runs Endpoints
n8n before 1.123.55, 2.25.7, and 2.26.2 contains an authorization vulnerability in three mutating evaluation test-run endpoints that authorize state-changing actions using the workflow:read scope instead of the action-appropriate workflow:execute scope. On instances using Advanced Permissions...
CVE-2026-56775
CVE-2026-56775 affects n8n prior to 1.123.55, 2.25.7, and 2.26.2. The issue is an authorization vulnerability in three mutating evaluation test-run endpoints that grant state-changing actions under the workflow:read scope instead of the action-appropriate workflow:execute scope. On systems using ...
CVE-2026-24697
Summary: CVE-2026-24697 is an OS command injection in the rc binary's start_bonjour() on Cisco RV130/RV130W (firmware 1.0.3.55) and RV110W (firmware 1.2.2.5 / 1.2.2.8). The issue stems from improper sanitization of the wan_hostname configuration parameter, potentially allowing an authenticated re...
CVE-2026-24700
An OS command injection vulnerability exists in the startlltd function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The machinename configuration parameter is not properly sanitized, which could allow an authenticated remote...
CVE-2026-24697
An OS command injection vulnerability exists in the startbonjour function of the "rc" binary in Cisco RV130/RV130W with firmware 1.0.3.55 and RV110W routers with firmware 1.2.2.5 / 1.2.2.8. The wanhostname configuration parameter is not properly sanitized, which could allow an authenticated remot...
PYSEC-2026-2006 Defining resource name as integer may give unintended access in vantage6
Impact Malicious users may try to get access to resources they are not allowed to see, by creating resources with integers as names. One example where this is a risk, is when users define which users are allowed to run algorithms on their node. This may be defined by username or user id. Now, for...