Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

81 matches found

Vulnrichment
Vulnrichmentadded 2026/05/02 5:29 a.m.4 views

CVE-2026-7049 PixelYourSite Pro <= 12.5.0.1 - Unauthenticated Blind Server-Side Request Forgery via 'urls[]' Parameter

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

7.2CVSS5.9AI score0.00392EPSS
Exploits0References10
Cvelist
Cvelistadded 2026/05/02 5:29 a.m.28 views

CVE-2026-7049 PixelYourSite Pro <= 12.5.0.1 - Unauthenticated Blind Server-Side Request Forgery via 'urls[]' Parameter

The PixelYourSite Pro – Your smart PIXEL TAG Manager plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 12.5.0.1 via the scanvideo. This makes it possible for unauthenticated attackers to make web requests to arbitrary locations originating fro...

7.2CVSS0.00392EPSS
Exploits0References10
CVE
CVEadded 2026/05/02 5:29 a.m.22 views

CVE-2026-7049

CVE-2026-7049 concerns the PixelYourSite Pro – Your smart PIXEL (TAG) Manager plugin for WordPress. All versions up to and including 12.5.0.1 are affected by a Server-Side Request Forgery via the scan_video parameter. The vulnerability allows unauthenticated attackers to cause the web application...

7.2CVSS5.9AI score0.00392EPSS
Exploits0References10
RedhatCVE
RedhatCVEadded 2026/01/09 12:34 p.m.4 views

CVE-2023-45482

Tenda AC10 version USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the urls parameter in the function getparentControllistInfo...

9.8CVSS7.9AI score0.00976EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2026/01/09 11:24 a.m.8 views

CVE-2021-31624

Buffer Overflow vulnerability in Tenda AC9 V1.0 through V15.03.05.196318, and AC9 V3.0 V15.03.06.42multi, allows attackers to execute arbitrary code via the urls parameter...

8.8CVSS7.9AI score0.01231EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2025/11/21 12:18 a.m.11 views

CVE-2025-65223

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo...

4.3CVSS7.2AI score0.00272EPSS
Exploits1References1
OSV
OSVadded 2025/11/20 3:17 p.m.3 views

CVE-2025-65223

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo...

4.3CVSS5.8AI score0.00272EPSS
Exploits1References1
NVD
NVDadded 2025/11/20 3:17 p.m.6 views

CVE-2025-65223

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo...

4.3CVSS0.00272EPSS
Exploits1References1
EUVD
EUVDadded 2025/11/20 12:0 a.m.5 views

EUVD-2025-198266

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo...

4.3CVSS6.7AI score0.00272EPSS
Exploits1References2
Positive Technologies
Positive Technologiesadded 2025/11/20 12:0 a.m.7 views

PT-2025-47588

Tenda AC21 V16.03.08.16 is vulnerable to Buffer Overflow via the urls parameter of /goform/saveParentControlInfo...

4.3CVSS7.2AI score0.00272EPSS
Exploits1References2
CVE
CVEadded 2025/11/20 12:0 a.m.18 views

CVE-2025-65223

CVE-2025-65223 affects Tenda AC21 (V16.03.08.16). The vulnerability is a buffer overflow in the input handling of the /goform/saveParentControlInfo endpoint, caused by insufficient validation of the urls parameter length/size. This leads to a denial of service. Public sources consistently describ...

4.3CVSS6.8AI score0.00272EPSS
Exploits1References1Affected Software1
RedhatCVE
RedhatCVEadded 2025/11/11 12:11 a.m.3 views

CVE-2025-63149

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the urls parameter of the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.5CVSS7.6AI score0.00324EPSS
Exploits1References1
EUVD
EUVDadded 2025/11/10 9:30 p.m.3 views

EUVD-2025-50808

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the urls parameter of the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.1AI score0.00324EPSS
Exploits1References2
CVE
CVEadded 2025/11/10 12:0 a.m.7 views

CVE-2025-63149

CVE-2025-63149 affects Tenda AX3 router (V16.03.12.10_CN). The vulnerability is a stack overflow in the urls parameter of the get_parentControl_list_Info function, caused by improper input length validation. This can be exploited by a crafted request to trigger a Denial of Service (DoS). Public s...

7.5CVSS7.2AI score0.00324EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichmentadded 2025/11/10 12:0 a.m.2 views

CVE-2025-63149

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the urls parameter of the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

7.2AI score0.00324EPSS
Exploits1References1
Cvelist
Cvelistadded 2025/11/10 12:0 a.m.4 views

CVE-2025-63149

Tenda AX3 V16.03.12.10CN was discovered to contain a stack overflow in the urls parameter of the getparentControllistInfo function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

0.00324EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2025/11/10 12:0 a.m.3 views

PT-2025-46188

Name of the Vulnerable Software and Affected Versions Tenda AX3 version 16.03.12.10 CN Description The Tenda AX3 router contains a stack overflow in the urls parameter of the get parentControl list Info function. A crafted request can lead to a Denial of Service DoS. Recommendations At the moment...

6.9AI score0.00324EPSS
Exploits1References5
CNNVD
CNNVDadded 2025/11/10 12:0 a.m.4 views

Tenda AX3 安全漏洞

Tenda AX3 is a home dual-band Gigabit wireless router from Tenda Technology that supports Wi-Fi6 802.11ax standard and focuses on high-performance network coverage and stable connection. The Tenda AX3 suffers from a stack buffer overflow vulnerability that originates from the urls parameter in th...

7.5CVSS7.1AI score0.00324EPSS
Exploits1References2
EUVD
EUVDadded 2025/10/03 8:7 p.m.3 views

EUVD-2022-49354

Malicious code in bioql PyPI...

7.5CVSS7.6AI score0.00815EPSS
Exploits1References1
EUVD
EUVDadded 2025/10/03 8:7 p.m.2 views

EUVD-2022-40904

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00938EPSS
Exploits1References1
Rows per page
Query Builder