Lucene search
K

647 matches found

EUVD
EUVD
added 3 days ago9 views

EUVD-2026-43207

A flaw has been found in TRENDnet TEW-821DAP 1.11B03. The impacted element is the function sub43F2C4 of the file /goform/toolsnslookup of the component DNS Lookup Handler. This manipulation of the argument nslookuptarget/dnsserver causes os command injection. The attack can be initiated remotely...

6.5CVSS6.5AI score0.0105EPSS
Exploits0References5
NVD
NVD
added 3 days ago6 views

CVE-2026-15481

A security flaw has been discovered in Trendnet TEW-635BRM up to 1.00.03. This vulnerability affects the function ipoatest of the file /sbin/rc of the component IPoA WAN Connection Setup. Performing a manipulation of the argument ipoaipaddr results in command injection. The attack is possible to ...

9CVSS0.01514EPSS
Exploits0References5
CVE
CVE
added 3 days ago14 views

CVE-2026-15481

The CVE-2026-15481 affects Trendnet TEW-635BRM firmware up to 1.00.03, specifically the IPoA WAN Connection Setup component’s /sbin/rc function ipoa_test. A manipulation of the ipoa_ipaddr argument enables remote command injection, with network access as the attack vector and no user interaction ...

9CVSS6.7AI score0.01514EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 3 days ago10 views

PT-2026-57527

Name of the Vulnerable Software and Affected Versions TRENDnet TEW-821DAP version 1.12B01 Description A buffer overflow can be triggered remotely via the nslookup target argument in the sub 41EC14 function within the /goform/tools nslookup file of the ssi component. This issue affects products th...

9CVSS7.1AI score0.00463EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 6 days ago5 views

PT-2026-56936

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through = 3.7...

8.5CVSS6.1AI score0.00253EPSS
Exploits0References3
CVE
CVE
added 2026/07/03 8:58 a.m.22 views

CVE-2026-4322

CVE-2026-4322 describes a Reflected XSS in Raera Destekz (Raera – Ankara Web Design and Digital Advertising Agency) due to improper neutralization of input during web page generation. Affected through 02062026; vendor reports product no longer supported. CVSSv3.1 base score 6.1 (Medium): AV:N/AC:...

6.1CVSS5.9AI score0.00149EPSS
Exploits0References1
NVD
NVD
added 2026/06/16 12:16 p.m.16 views

CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS0.0014EPSS
Exploits0References2
OSV
OSV
added 2026/06/16 12:16 p.m.5 views

DEBIAN-CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS5.7AI score0.0014EPSS
Exploits0References1
OSV
OSV
added 2026/06/16 10:32 a.m.3 views

CVE-2026-8484 Heap buffer overflow in Jansi

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS6.2AI score0.0014EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/16 10:32 a.m.32 views

CVE-2026-8484 Heap buffer overflow in Jansi

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS0.0014EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/16 10:32 a.m.10 views

EUVD-2026-37064

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS5.6AI score0.0014EPSS
Exploits0References2
Debian CVE
Debian CVE
added 2026/06/16 10:32 a.m.9 views

CVE-2026-8484

A heap buffer overflow vulnerability exists in the Jansi JNI "ioctl" wrapper due to a lack of size verification for the argument array before the system call. This can lead to heap corruption and application crashes DoS. All versions are believed to be vulnerable. This project is unmaintained at...

4.8CVSS5.6AI score0.0014EPSS
Exploits0
CVE
CVE
added 2026/06/16 10:32 a.m.38 views

CVE-2026-8484

The CVE-2026-8484 entry describes a heap buffer overflow in the Jansi JNI"ioctl()" wrapper caused by missing size verification of the argument array before the system call. Affected software is Jansi (JNI wrapper) and, per sources, all versions are believed vulnerable. Consequences stated are hea...

4.8CVSS5.7AI score0.0014EPSS
Exploits0References2
NVD
NVD
added 2026/06/15 12:16 p.m.21 views

CVE-2026-5482

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14...

9.3CVSS0.00445EPSS
Exploits0References2
OSV
OSV
added 2026/06/15 11:44 a.m.3 views

CVE-2026-5482 Remote Code Execution via Unrestricted File Upload in Responsive FileManager

Responsive FileManager's allows an unauthenticated attacker to upload files of any type and extension without restriction using dialog.php endpoint, leading to Remote Code Execution. This project is unmaintained at the time of CVE assignment. The vulnerability was found in the latest release 9.14...

9.3CVSS6AI score0.00445EPSS
Exploits0References4
CVE
CVE
added 2026/06/08 11:45 a.m.29 views

CVE-2026-11511

The CVE-2026-11511 affects Bolt CMS up to version 3.7.5, specifically a weakness in the file src/Storage/Field/Type/TextType.php within the HTML Attribute Handler. The issue enables remote HTML injection when an attacker manipulates the argument style. It is exploitable remotely and an exploit ha...

5.1CVSS5.3AI score0.00191EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.13 views

PT-2026-47278

Name of the Vulnerable Software and Affected Versions Bolt CMS versions prior to 3.7.6 Description An issue exists in the HTML Attribute Handler component within the file src/Storage/Field/Type/TextType.php. A remote attacker can perform HTML injection by manipulating the style argument. This...

5.1CVSS5.5AI score0.00191EPSS
Exploits0References6
RustSec
RustSec
added 2026/06/07 12:0 p.m.42 views

proc-macro-error2 is unmaintained

The author of proc-macro-error2 has confirmed that the crate is no longer maintained and recommends that users migrate away from it. proc-macro-error2 was originally created as a maintained fork of proc-macro-error see RUSTSEC-2024-0370. Both the original crate and this fork are now unmaintained...

5.5AI score
Exploits0
OSV
OSV
added 2026/06/07 12:0 p.m.78 views

RUSTSEC-2026-0173 proc-macro-error2 is unmaintained

The author of proc-macro-error2 has confirmed that the crate is no longer maintained and recommends that users migrate away from it. proc-macro-error2 was originally created as a maintained fork of proc-macro-error see RUSTSEC-2024-0370. Both the original crate and this fork are now unmaintained...

5.5AI score
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.11 views

CVE-2026-41873

UNSUPPORTED WHEN ASSIGNED Inconsistent Interpretation of HTTP Requests 'HTTP Request/Response Smuggling' vulnerability in Pony Mail leading to admin account takeover. This issue affects all versions of the Lua implementation of Pony Mail. There is a Python implementation under development under t...

9.8CVSS5.4AI score0.00444EPSS
Exploits0References1
Rows per page
Query Builder