
90 matches found

AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick, specifically in the MagickCore/statistic.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned long. This likely leads to a disruption in t...

CVSS 7.8 | AI score 7 | EPSS 0.01183
Exploits: 1 | References: 2
AstraLinux
added 2026/06/19 11:10 a.m. | 4 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick within MagickCore/statistic.c. An attacker who submits a crafted file processed by ImageMagick could induce undefined behavior, resulting in an excessively large value for the 64-bit type ssize_t. This likely leads to a disruption in the application’s...

CVSS 4.3 | AI score 6.5 | EPSS 0.01124
Exploits: 1 | References: 2
RedhatCVE
added 2026/06/01 10:3 p.m. | 10 views

CVE-2026-10161

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

CVSS 9 | AI score 6.2 | EPSS 0.00472
Exploits: 0 | References: 1
NVD
added 2026/05/31 3:16 a.m. | 14 views

CVE-2026-10161

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

CVSS 9 | EPSS 0.00472
Exploits: 0 | References: 4
EUVD
added 2026/05/31 1:45 a.m. | 12 views

EUVD-2026-33480

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

CVSS 9 | AI score 7.9 | EPSS 0.00472
Exploits: 0 | References: 4
ATTACKERKB
added 2026/05/31 1:45 a.m. | 7 views

CVE-2026-10161

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

CVSS 9 | AI score 7.9 | EPSS 0.00472
Exploits: 0 | References: 4 | Affected Software: 1
Vulnrichment
added 2026/05/31 1:45 a.m. | 8 views

CVE-2026-10161 TRENDnet TEW-432BRP formResetStatistic stack-based overflow

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

CVSS 9 | AI score 6.2 | EPSS 0.00472
Exploits: 0 | References: 4
Positive Technologies
added 2026/05/31 12:0 a.m. | 11 views

PT-2026-45165

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status statistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

CVSS 9 | AI score 7.9 | EPSS 0.00472
Exploits: 0 | References: 5
Tenable Nessus
added 2026/05/11 12:0 a.m. | 6 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017577 advisory. A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior i...

CVSS 4.3 | AI score 6.7 | EPSS 0.01124
Exploits: 1 | References: 4
EUVD
added 2026/03/27 3:30 p.m. | 3 views

EUVD-2026-16654

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in SQL injection. The attack can be launched remotely. The exploit has been made public and could ...

CVSS 7.5 | AI score 6.8 | EPSS 0.00254
Exploits: 0 | References: 6
CVE
added 2026/03/27 2:51 p.m. | 9 views

CVE-2026-4955

The CVE-2026-4955 entry concerns Shenzhen Ruiming Technology Streamax Crocus 1.3.44. Affected component is the server-side function handling /OperateStatistic.do; crafting or manipulating the VehicleID parameter yields a SQL injection. Attacks are remotely executable, and the exploit has been mad...

CVSS 7.5 | AI score 6.8 | EPSS 0.00254
Exploits: 0 | References: 5
Positive Technologies
added 2026/03/27 12:0 a.m. | 5 views

PT-2026-28681

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in SQL injection. The attack can be launched remotely. The exploit has been made public and could ...

CVSS 7.5 | AI score 5.7 | EPSS 0.00254
Exploits: 0 | References: 6
CNNVD
added 2026/03/27 12:0 a.m. | 5 views

Shenzhen Ruiming Streamax Crocus SQL injection vulnerability

Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming Corporation. Version 1.3.44 of Shenzhen Ruiming Streamax Crocus contains an SQL injection vulnerability. This vulnerability arises from improper handling of the VehicleID parameter in the...

CVSS 7.5 | AI score 7.2 | EPSS 0.00254
Exploits: 0 | References: 5
OSV
added 2026/03/03 6:16 p.m. | 3 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

CVSS 8.2 | AI score 5.8 | EPSS 0.00235
Exploits: 0 | References: 3
NVD
added 2026/03/03 6:16 p.m. | 8 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

CVSS 8.2 | EPSS 0.00235
Exploits: 0 | References: 3
Vulnrichment
added 2026/03/03 12:0 a.m. | 5 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

AI score 6 | EPSS 0.00235
Exploits: 0 | References: 3
ATTACKERKB
added 2026/03/03 12:0 a.m. | 5 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

CVSS 8.2 | AI score 6 | EPSS 0.00235
Exploits: 0 | References: 4
Positive Technologies
added 2026/03/03 12:0 a.m. | 7 views

PT-2026-22759

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

AI score 6 | EPSS 0.00235
Exploits: 0 | References: 4
CNNVD
added 2025/11/26 12:0 a.m. | 5 views

Apache Hive SQL injection vulnerability

Apache Hive is a set of data warehouse software based on Hadoop Distributed Systems Infrastructure from the Apache Foundation in the United States. The software provides a data integration approach and a high-level query language to support large-scale data analysis on Hadoop. Apache Hive...

CVSS 5.4 | AI score 7.6 | EPSS 0.00343
Exploits: 0 | References: 2
CVE
added 2025/11/13 12:0 a.m. | 9 views

CVE-2025-60685

CVE-2025-60685 affects Totolink A720R router firmware V4.1.5cu.614_B20230630 in the sysconf binary (sub_401EE0). The function reads /proc/stat using fgets() into a local buffer and then parses the line with sscanf() into a single-byte variable using %s, which can overflow the stack memory. This c...

CVSS 5.1 | AI score 7.6 | EPSS 0.00205
Exploits: 1 | References: 3 | Affected Software: 1