Lucene search
K

3449 matches found

EUVD
EUVD
added 2026/07/03 7:30 p.m.8 views

EUVD-2026-41563

A security flaw has been discovered in RT-Thread up to 5.0.2. Affected by this issue is the function CANReceive in the library bsp/synwit/libraries/SWM341CSL/CMSIS/DeviceSupport/SWM341.h of the component SWM341 CAN Handler. Performing a manipulation results in stack-based buffer overflow. The...

8.5CVSS7.2AI score0.00141EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2026/07/03 12:0 a.m.10 views

PT-2026-55579

Name of the Vulnerable Software and Affected Versions RT-Thread versions prior to 5.0.3 Description A stack-based buffer overflow exists in the recvmsg function within the bsp/loongson/ls1cdev/libraries/ls1c can.h library of the ls1c CAN Handler component. This issue requires local access to be...

8.5CVSS7.4AI score0.00141EPSS
Exploits0References12
CVE
CVE
added 2026/07/01 5:15 p.m.20 views

CVE-2026-49090

CVE-2026-49090 affects Elasticsearch and is caused by Uncontrolled Resource Consumption (CWE-400) via the bulk API, where an authenticated user can submit specially crafted bulk requests that trigger sustained high CPU and can render a node unresponsive. The issue is publicly discussed in Elastic...

6.5CVSS5.8AI score0.00251EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/06/30 9:9 p.m.35 views

CVE-2026-35505 OFFIS DCMTK Toolkit Missing Release of Memory after Effective Lifetime

An unauthenticated remote attacker can repeatedly send crafted connection requests to leak memory. In single-process deployments the memory grows until the service is killed and the port stops responding until restart...

8.7CVSS0.00379EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/30 12:0 a.m.10 views

PT-2026-53991

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description An unauthenticated remote attacker can repeatedly send crafted connection requests to cause a memory leak. In single-process deployments, the memory consumption...

8.7CVSS6AI score0.00379EPSS
Exploits0References6
CVE
CVE
added 2026/06/29 3:30 p.m.11 views

CVE-2026-13582

The CVE concerns the Edimax EW-7478APC (firmware 1.04) where the POST request handler’s /goform/formUSBAccount function manipulates the UserName/Password arguments, causing a buffer overflow. This vulnerability enables remote execution with network access and was reported as exploitable in the wi...

9CVSS7.7AI score0.00455EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 3:15 p.m.6 views

EUVD-2026-40125

A vulnerability was detected in Edimax EW-7478APC 1.04. This vulnerability affects the function formStaDrvSetup of the file /goform/formStaDrvSetup of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack can be executed remotel...

6.5CVSS6.4AI score0.01158EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 12:16 p.m.8 views

CVE-2026-13561

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote...

6.5CVSS0.01158EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 11:45 a.m.6 views

CVE-2026-13564

A vulnerability was found in Edimax EW-7478APC 1.04. Affected is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performing a manipulation of the argument pppUserName results in stack-based buffer overflow. The attack can be initiated remotely...

9CVSS7.9AI score0.00751EPSS
Exploits0References5Affected Software1
EUVD
EUVD
added 2026/06/29 11:30 a.m.7 views

EUVD-2026-40074

A vulnerability has been found in Edimax EW-7478APC 1.04. This impacts the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation of the argument L2TPUserName leads to stack-based buffer overflow. It is possible to launch the attack...

9CVSS7.8AI score0.00445EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 11:15 a.m.7 views

EUVD-2026-40073

A flaw has been found in Edimax EW-7478APC 1.04. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. This manipulation of the argument selSSID causes buffer overflow. It is possible to initiate the attack remotely. The exploit...

9CVSS7.5AI score0.00445EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/29 11:0 a.m.8 views

EUVD-2026-40072

A vulnerability was detected in Edimax EW-7478APC 1.04. The impacted element is the function formiNICbasic of the file /goform/formiNICbasic of the component POST Request Handler. The manipulation of the argument rootAPmac results in os command injection. The attack may be performed from remote...

6.5CVSS6.3AI score0.01158EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 4:16 a.m.10 views

CVE-2026-13529

A vulnerability was determined in YzmCMS up to 7.5. This affects an unknown function of the file /application/install/index.php. Executing a manipulation of the argument siteurl can lead to sql injection. The attack can be executed remotely. A high complexity level is associated with this attack...

6.3CVSS0.00239EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/28 2:45 p.m.10 views

EUVD-2026-40000

A flaw has been found in antlr ANTLR4 up to 4.13.2. This affects the function ObjectInputStream.readObject of the file antlr4-maven-plugin/src/main/java/org/antlr/mojo/antlr4/GrammarDependencies.java of the component Maven Plugin. This manipulation causes time-of-check time-of-use. The attack is...

4.5CVSS5.2AI score0.00091EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/06/28 12:0 a.m.12 views

PT-2026-53111

Name of the Vulnerable Software and Affected Versions ANTLR4 versions prior to 4.13.3 Description An issue exists in the Grammar Action Block Handler component within the file tool/src/org/antlr/v4/codegen/model/OutputFile.java. A remote attacker can perform a manipulation that leads to code...

7.5CVSS7.5AI score0.00311EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/06/26 9:30 a.m.6 views

CVE-2026-53197

A flaw was found in the iptfs module of the Linux kernel. This issue, an ABBA deadlock, occurs when iptfsdestroystate attempts to cancel a timer while holding a spinlock that the timer's callback also tries to acquire. This circular dependency can cause the system to become unresponsive, leading ...

5.5CVSS5.8AI score0.00097EPSS
Exploits0References4
EUVD
EUVD
added 2026/06/22 12:31 a.m.9 views

EUVD-2026-38198

A security vulnerability has been detected in Radware Cyber Controller up to 10.11.0. This affects an unknown part of the component HTML Report Generation. The manipulation leads to HTML injection. Remote exploitation of the attack is possible. The exploit has been disclosed publicly and may be...

5.1CVSS5.3AI score0.00195EPSS
Exploits0References5
EUVD
EUVD
added 2026/06/22 12:31 a.m.9 views

EUVD-2026-38200

A flaw has been found in Comfast CF-WR631AX V3 up to 2.7.0.8. This issue affects the function system of the file /cgi-bin/mbox-config?section=pingconfig of the component API Endpoint. This manipulation of the argument destination causes os command injection. The attack is possible to be carried o...

6.5CVSS6.1AI score0.01182EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/22 12:31 a.m.9 views

EUVD-2026-38196

A security flaw has been discovered in Edimax BR-6478AC V2 1.23. Affected by this vulnerability is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument command results in command injection. The attack may be initiated remotely. Th...

6.5CVSS6.4AI score0.01158EPSS
Exploits0References6
NVD
NVD
added 2026/06/22 12:16 a.m.10 views

CVE-2026-12822

A vulnerability was identified in langflow-ai langflow up to 1.9.3. This affects an unknown function of the component Bundle URL Loader. The manipulation leads to code injection. The attack needs to be performed locally. The vendor was contacted early about this disclosure but did not respond in...

7.8CVSS0.00188EPSS
Exploits1References5
Rows per page
Query Builder