Lucene search
K

10 matches found

NVD
NVD
added 2026/03/19 11:16 p.m.6 views

CVE-2026-30874

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

7.8CVSS0.00296EPSS
Exploits0References2
EUVD
EUVD
added 2026/03/19 10:36 p.m.3 views

EUVD-2026-13378

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 10:36 p.m.1 views

CVE-2026-30874

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6, a vulnerability in the hotplugcall function allows an attacker to bypass environment variable filtering and inject an arbitrary PATH variable, potentially leading to privilege escalation. The...

1.8CVSS5.8AI score0.00296EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2026/03/19 10:16 p.m.10 views

CVE-2026-30872

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to 24.10.6 and 25.12.1, the mdns daemon has a Stack-based Buffer Overflow vulnerability in the matchipv6addresses function, triggered when processing PTR queries for IPv6 reverse DNS domains .ip6.arpa receiv...

9.8CVSS0.02221EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/03/19 10:1 p.m.24 views

CVE-2026-30873 OpenWrt Project jsonpath: Memory leak when processing strings, labels, and regexp tokens

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

2.4CVSS0.00515EPSS
Exploits0References3
OSV
OSV
added 2026/03/19 10:1 p.m.10 views

CVE-2026-30873 OpenWrt Project jsonpath: Memory leak when processing strings, labels, and regexp tokens

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jpgettoken function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

2.4CVSS5.8AI score0.00515EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.4 views

PT-2026-26382

OpenWrt Project is a Linux operating system targeting embedded devices. In versions prior to both 24.10.6 and 25.12.1, the jp get token function, which performs lexical analysis by breaking input expressions into tokens, contains a memory leak vulnerability when extracting string literals, field...

2.4CVSS5.7AI score0.00515EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.5 views

PT-2026-26380

Name of the Vulnerable Software and Affected Versions OpenWrt Project versions prior to 24.10.6 and versions prior to 25.12.1 Description The OpenWrt Project, a Linux operating system for embedded devices, is affected by a Stack-based Buffer Overflow in the mdns daemon. The issue resides within t...

9.8CVSS6.1AI score0.01211EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/03/19 12:0 a.m.9 views

OpenWrt 安全漏洞

OpenWrt is an open-source Linux operating system designed for embedded devices. Versions of OpenWrt prior to 24.10.6 contained security vulnerabilities. These vulnerabilities were caused by a bypass of environment variable filtering in the hotplugcall function, which could lead to privilege...

7.8CVSS5.8AI score0.00296EPSS
Exploits0References3
OSV
OSV
added 2025/10/27 10:8 a.m.6 views

CVE-2025-8432 CentreonBI user account on the MBI server can execute commands as root by modifying script runned by the CRON

Incorrect Default Permissions vulnerability in Centreon Infra Monitoring MBI modules allows Embedding Scripts within Scripts by CentreonBI user account on the MBI server This issue affects Infra Monitoring: from 24.10.0 before 24.10.6, from 24.04.0 before 24.04.9, from 23.10.0 before 23.10.15...

8.4CVSS6.7AI score0.00378EPSS
Exploits0References4
Rows per page
Query Builder