Lucene search
+L

93 matches found

NVD
NVD
added 2026/07/10 5:16 p.m.7 views

CVE-2026-15376

A vulnerability was found in Eleveo Call Recording Software 9.7.0. Affected is an unknown function of the file /callrec/statisticReportAction.do. The manipulation results in improper authorization. The attack can be launched remotely. The exploit has been made public and could be used. The vendor...

6.5CVSS0.00256EPSS
Exploits0References5
EUVD
EUVD
added 2026/07/10 3:45 p.m.7 views

EUVD-2026-42934

A vulnerability was found in Eleveo Call Recording Software 9.7.0. Affected is an unknown function of the file /callrec/statisticReportAction.do. The manipulation results in improper authorization. The attack can be launched remotely. The exploit has been made public and could be used. The vendor...

6.5CVSS6.3AI score0.00256EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/07/10 3:45 p.m.9 views

CVE-2026-15376 Eleveo Call Recording Software statisticReportAction.do improper authorization

A vulnerability was found in Eleveo Call Recording Software 9.7.0. Affected is an unknown function of the file /callrec/statisticReportAction.do. The manipulation results in improper authorization. The attack can be launched remotely. The exploit has been made public and could be used. The vendor...

6.5CVSS6.3AI score0.00256EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/06/01 10:3 p.m.14 views

CVE-2026-10161

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

9CVSS6.2AI score0.00472EPSS
Exploits0References1
NVD
NVD
added 2026/05/31 3:16 a.m.17 views

CVE-2026-10161

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

9CVSS0.00472EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/31 1:45 a.m.15 views

EUVD-2026-33480

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

9CVSS7.9AI score0.00472EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2026/05/31 1:45 a.m.9 views

CVE-2026-10161

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

9CVSS7.9AI score0.00472EPSS
Exploits0References4Affected Software1
Vulnrichment
Vulnrichment
added 2026/05/31 1:45 a.m.10 views

CVE-2026-10161 TRENDnet TEW-432BRP formResetStatistic stack-based overflow

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument statusstatistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

9CVSS6.2AI score0.00472EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/05/31 12:0 a.m.16 views

PT-2026-45165

A vulnerability was detected in TRENDnet TEW-432BRP 3.10B20. This affects the function formResetStatistic of the file /goform/formResetStatistic. Performing a manipulation of the argument status statistic results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is...

9CVSS7.9AI score0.00472EPSS
Exploits0References5
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.5 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick, specifically in the MagickCore/statistic.c file. An attacker who submits a crafted file processed by ImageMagick could trigger undefined behavior, resulting in values that are outside the range of the type unsigned long. This likely leads to a disruption in t...

7.8CVSS7AI score0.01183EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.4 views

Astra Linux – Vulnerability in imagemagick

A flaw was discovered in ImageMagick within MagickCore/statistic.c. An attacker who submits a crafted file processed by ImageMagick could induce undefined behavior, resulting in an excessively large value for the 64-bit type ssizet. This likely leads to a disruption in the application’s...

4.3CVSS6.5AI score0.01124EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/11 12:0 a.m.8 views

Unity Linux 20.1060e / 20.1070e Security Update: ImageMagick (UTSA-2026-017577)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-017577 advisory. A flaw was found in ImageMagick in MagickCore/statistic.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior i...

4.3CVSS6.7AI score0.01124EPSS
Exploits1References4
EUVD
EUVD
added 2026/03/27 3:30 p.m.5 views

EUVD-2026-16654

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in sql injection. The attack can be launched remotely. The exploit has been made public and could ...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References6
CVE
CVE
added 2026/03/27 2:51 p.m.14 views

CVE-2026-4955

The CVE-2026-4955 entry concerns Shenzhen Ruiming Technology Streamax Crocus 1.3.44. Affected component is the server-side function handling /OperateStatistic.do; crafting or manipulating the VehicleID parameter yields a SQL injection. Attacks are remotely executable, and the exploit has been mad...

7.5CVSS6.8AI score0.00254EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/27 12:0 a.m.8 views

Shenzhen Ruiming Streamax Crocus SQL注入漏洞

Shenzhen Ruiming Streamax Crocus is a vehicle monitoring device developed by Shenzhen Ruiming Corporation. Version 1.3.44 of Shenzhen Ruiming Streamax Crocus contains an SQL injection vulnerability. This vulnerability arises from improper handling of the VehicleID parameter in the...

7.5CVSS7.2AI score0.00254EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/27 12:0 a.m.11 views

PT-2026-28681

A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.44. This impacts an unknown function of the file /OperateStatistic.do. The manipulation of the argument VehicleID results in sql injection. The attack can be launched remotely. The exploit has been made public and could ...

7.5CVSS5.7AI score0.00254EPSS
Exploits0References6
OSV
OSV
added 2026/03/03 6:16 p.m.5 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

8.2CVSS5.8AI score0.00235EPSS
Exploits0References3
NVD
NVD
added 2026/03/03 6:16 p.m.11 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

8.2CVSS0.00235EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/03 12:0 a.m.5 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

6AI score0.00235EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/03 12:0 a.m.6 views

CVE-2021-35484

Nokia IMPACT through 19.11.2.10-20210118042150283 allows an authenticated user to perform a Time-based Boolean Blind SQL Injection attack on the endpoint /ui/rest-proxy/campaign/statistic for the View Campaign page via the sortColumn HTTP GET parameter. This allows an attacker to access sensitive...

8.2CVSS6AI score0.00235EPSS
Exploits0References4
Rows per page
Query Builder