Lucene search
K

4931 matches found

RedhatCVE
RedhatCVE
added 2026/05/07 8:21 p.m.11 views

CVE-2026-30815

An OS command injection vulnerability in the OpenVPN module of TP-Link Archer AX53 v1.0 allows an authenticated adjacent attacker to execute system commands when a specially crafted configuration file is processed due to insufficient input validation. Successful exploitation may allow modificatio...

8.5CVSS7.4AI score0.0116EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/05/07 8:21 p.m.10 views

CVE-2026-30817

An external configuration control vulnerability in the OpenVPN module of TP-Link AX53 v1.0 allows an authenticated adjacent attacker to read arbitrary files when a malicious configuration file is processed. Successful exploitation may allow unauthorized access to arbitrary files on the device,...

6.8CVSS5.9AI score0.00276EPSS
Exploits0References1
Talos
Talos
added 2026/05/07 12:0 a.m.14 views

Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability

Talos Vulnerability Report TALOS-2025-2304 Tp-Link Archer AX53 v1.0 configuration restore crt.sed vulnerability May 7, 2026 CVE Number CVE-2026-30816 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore crt.sed functionality of Tp-Link Archer AX53 v1.0 1.3....

6.8CVSS6.1AI score0.00286EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.10 views

Tp-Link Archer AX53 v1.0 Openvpn configuration restore client_disconnect OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2307 Tp-Link Archer AX53 v1.0 Openvpn configuration restore clientdisconnect OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30815 SUMMARY An os command injection vulnerability exists in the Openvpn configuration restore clientdisconnect...

8.5CVSS7.5AI score0.0116EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.10 views

Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2025-2302 Tp-Link AX53 v1.0 tmpServer opcode 0x436 stack-based buffer overflow vulnerability May 7, 2026 CVE Number CVE-2026-30814 SUMMARY A stack-based buffer overflow vulnerability exists in the tmpServer opcode 0x436 functionality of Tp-Link AX53 v1.0 1.3.1 Bui...

8CVSS6.4AI score0.00418EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.13 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability

Talos Vulnerability Report TALOS-2025-2306 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore dhcpscript OS command injection vulnerability May 7, 2026 CVE Number CVE-2026-30818 SUMMARY An os command injection vulnerability exists in the dnsmasq configuration restore dhcpscript functionality ...

8.5CVSS6.6AI score0.01232EPSS
Exploits0
Talos
Talos
added 2026/05/07 12:0 a.m.19 views

Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability

Talos Vulnerability Report TALOS-2025-2305 Tp-Link Archer AX53 v1.0 dnsmasq configuration restore TFTP server enable vulnerability May 7, 2026 CVE Number CVE-2026-30817 SUMMARY An external config control vulnerability exists in the Openvpn configuration restore routeup functionality of Tp-Link...

6.8CVSS6AI score0.00276EPSS
Exploits0
NVD
NVD
added 2026/05/01 5:16 p.m.3 views

CVE-2026-37535

openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac 2021-08-09 contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is used directly as the memcpy size without validating it against the actual CAN data length. A malicious...

7.1CVSS0.00205EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/05/01 12:0 a.m.8 views

PT-2026-36509

Name of the Vulnerable Software and Affected Versions openxc/isotp-c versions prior to commit 5a5d19245f65189202719321facd49ce6f5d46ac Description An out-of-bounds read exists in the ISO-TP Single Frame receive handler. The issue occurs because the 4-bit payload length nibble is used directly as...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2026/05/01 12:0 a.m.2 views

CVE-2026-37535

openxc/isotp-c thru commit 5a5d19245f65189202719321facd49ce6f5d46ac 2021-08-09 contains an out-of-bounds read in the ISO-TP Single Frame receive handler, where the 4-bit payload length nibble is used directly as the memcpy size without validating it against the actual CAN data length. A malicious...

7.1CVSS5.8AI score0.00205EPSS
Exploits0References3
EUVD
EUVD
added 2026/05/01 12:0 a.m.5 views

EUVD-2026-26686

AGL agl-service-can-low-level thru 17.1.12 contains a heap buffer over-read in the isotp-c library. In isotpcontinuereceive receive.c:87-89, the payloadlength for a Single Frame is extracted from a 4-bit nibble in the CAN frame data, yielding values 0-15. However, a standard CAN frame is only 8...

7.1CVSS5.8AI score0.00232EPSS
Exploits0References2
CVE
CVE
added 2026/04/23 4:10 p.m.26 views

CVE-2026-5039

CVE-2026-5039 affects TP-Link TL-WR841N v13. The issue stems from using DES-CBC encryption in the TDDPv2 debug protocol, with a cryptographic key derived from the device’s default web management credentials. This makes the key predictable when the device remains in its default configuration. A ne...

8.8CVSS5.7AI score0.0013EPSS
Exploits0References1Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/23 4:10 p.m.4 views

CVE-2026-5039

TP-Link TL-WR841N v13 uses DES-CBC encryption in the TDDPv2 debug protocol with a cryptographic key derived from default web management credentials, making the key predictable if device is left in default configuration. A network-adjacent attacker can exploit this weakness to gain unauthorized...

6.1CVSS5.7AI score0.0013EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2026/04/23 8:5 a.m.6 views

can: isotp: fix tx.buf use-after-free in isotp_sendmsg()

...

7.8CVSS5.2AI score0.00104EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2026/04/23 1:25 a.m.9 views

SUSE CVE-2026-31474

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotpsendmsg isotpsendmsg uses only cmpxchg on so-tx.state to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a...

5.5CVSS5.6AI score0.00104EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/23 12:0 a.m.10 views

TP-Link TL-WR841N 安全漏洞

The TP-Link TL-WR841N is a router produced by the TP-Link company. The TP-Link TL-WR841N v13 version has a security vulnerability. This vulnerability stems from the use of DES-CBC encryption in the TDDPv2 debugging protocol, where the key is predictable. This could allow unauthorized attackers to...

8.8CVSS5.8AI score0.0013EPSS
Exploits0References2
OSV
OSV
added 2026/04/22 1:54 p.m.1 views

CVE-2026-31474 can: isotp: fix tx.buf use-after-free in isotp_sendmsg()

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix tx.buf use-after-free in isotpsendmsg isotpsendmsg uses only cmpxchg on so-tx.state to serialize access to so-tx.buf. isotprelease waits for ISOTPIDLE via waiteventinterruptible and then calls kfreeso-tx.buf. If a...

7.8CVSS6.5AI score0.00104EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2026/04/22 7:45 a.m.5 views

CVE-2026-4128 TP Restore Categories And Taxonomies <= 1.0.1 - Missing Authorization to Authenticated (Subscriber+) Taxonomy Deletion via 'tpmcattt_delete_term' AJAX Action

The TP Restore Categories And Taxonomies plugin for WordPress is vulnerable to Missing Authorization in all versions up to, and including, 1.0.1. The deleteterm function, which handles the 'tpmcatttdeleteterm' AJAX action, does not perform any capability check e.g., currentusercan to verify the...

4.3CVSS5.8AI score0.00245EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013654)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013654 advisory. In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with...

5.7AI score0.00173EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/21 12:0 a.m.6 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-011115)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-011115 advisory. In the Linux kernel, the following vulnerability has been resolved: mips: bmips: BCM6358: disable RAC flush for TP1 RAC flush causes kernel panics on BCM6358 with...

5.9AI score0.00173EPSS
Exploits0References4
Rows per page
Query Builder