Lucene search
K

895 matches found

Nuclei
Nuclei
added 2 days ago24 views

W&B Weave Server - Remote Arbitrary File Leak

The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin. id:...

8.8CVSS7.7AI score0.04974EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-48200

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthWhiteID parameter of the formModifyWebAuthWhiteUser function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.9 views

Tenda W3 安全漏洞

The Tenda W3 is a wireless access point device produced by the Chinese company Tenda. Version 1.0.0.32204 of the Tenda W3 Wireless Router contains a security vulnerability. This vulnerability stems from a stack overflow in the param1 parameter within the formSetCfm function, which could allow...

6.5CVSS5.5AI score0.00217EPSS
Exploits0References1
OSV
OSV
added 2026/06/05 4:52 p.m.5 views

MINI-G7J4-CMRH-W899

Bulletin has no description...

5.3CVSS5.2AI score0.0037EPSS
Exploits0
NVD
NVD
added 2026/05/31 5:16 p.m.13 views

CVE-2026-10192

A vulnerability was identified in Tenda W12 3.0.0.74763. The affected element is the function setlocaltime0 of the file /bin/httpd. Such manipulation of the argument Time leads to stack-based buffer overflow. The attack can be launched remotely. The exploit is publicly available and might be used...

9CVSS0.00503EPSS
Exploits0References6
OSV
OSV
added 2026/05/11 9:47 a.m.6 views

MINI-QCMF-5Q35-F56W

Bulletin has no description...

7.5CVSS5.7AI score0.00768EPSS
Exploits0
OSV
OSV
added 2026/04/18 5:31 p.m.4 views

MINI-JC72-RF4W-99MP

Bulletin has no description...

7.1CVSS5.6AI score0.00261EPSS
Exploits0
OSV
OSV
added 2026/04/12 2:32 a.m.4 views

MINI-CRC9-G57F-W7MF

Bulletin has no description...

9CVSS5.7AI score0.00658EPSS
Exploits0
OSV
OSV
added 2026/04/11 3:18 p.m.1 views

MINI-QXM4-5W44-P25X

Bulletin has no description...

6.1CVSS5.7AI score0.0029EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 2:58 p.m.4 views

CVE-2026-4008

A flaw has been found in Tenda W3 1.0.0.32204. This issue affects some unknown processing of the file /goform/wifiSSIDset of the component POST Parameter Handler. Executing a manipulation of the argument index/GO can lead to stack-based buffer overflow. It is possible to launch the attack remotel...

9CVSS8AI score0.00635EPSS
Exploits1References1
Snyk
Snyk
added 2026/03/16 3:51 p.m.3 views

Malicious Package

Overview alinet-w is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this package authorship...

9.8CVSS5.8AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/10 8:29 a.m.6 views

Malicious code in alinet-w (npm)

Package is malware due to ransomware-like behavior: file encryption, key exfiltration, terminal locking, ransom note, and persistence attempts. --- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5c18fd7e3ffa16f370fa25fcc489c381958d8200bf01cd8bf3627c91301eb397 The...

5.7AI score
Exploits0References2
Intel
Intel
added 2026/03/10 12:0 a.m.9 views

2026.1 IPU, UEFI Reference Firmware Advisory

Summary: A potential security vulnerability in UEFI for some Intel Reference Platforms may allow escalation of privilege. Intel is releasing firmware updates to mitigate these potential vulnerability. Vulnerability Details: CVEID: CVE-2025-20096 Description: Improper input validation in the UEFI...

5.9CVSS5.7AI score0.00137EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/01/27 12:0 a.m.6 views

Unity Linux 20.1050e Security Update: kernel (UTSA-2026-005142)

"The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-005142 advisory. In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook in remapfilepages The remapfilepages syscall handler call...

7.8CVSS6.7AI score0.00283EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.6 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-47745)

"The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-47745 advisory. - In the Linux kernel, the following vulnerability has been resolved: mm: call the securitymmapfile LSM hook ...

7.8CVSS6.7AI score0.00283EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/15 12:0 a.m.5 views

PT-2026-3042

Kmaleon 1.1.0.205 contains an authenticated SQL injection vulnerability in the 'tipocomb' parameter of kmaleonW.php that allows attackers to manipulate database queries. Attackers can exploit this vulnerability using boolean-based, error-based, and time-based blind SQL injection techniques to...

7.1CVSS7.8AI score0.00239EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/01/15 12:0 a.m.3 views

Unity Linux 20.1060e / 20.1070e Security Update: kernel (UTSA-2026-001872)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-001872 advisory. The aiomount function in fs/aio.c in the Linux kernel before 4.7.7 does not properly restrict execute access, which makes it easier for local users to bypass intende...

7.8CVSS6.5AI score0.00299EPSS
Exploits0References9
OSV
OSV
added 2025/12/09 2:11 p.m.6 views

CLSA-2025-1765289483 elfutils: Fix of 3 CVEs

CVE-2025-1352: fix memory corruption when using -w option with a specially crafted input file - CVE-2025-1365: fix buffer overflow when using the -D and -a options with a specially crafted input file - CVE-2025-1372: fix buffer overflow when using the -z and -x options with a specially crafted...

7.8CVSS6.6AI score0.00614EPSS
Exploits3References1
Circl
Circl
added 2025/12/02 3:16 a.m.3 views

GHSA-5J98-MCP5-4VW2

creationtimestamp| type| source ---|---|--- 2025-12-02 03:16:32+00:00| seen| https://gist.github.com/deepak-chowdry/3da737fb0b4c63ed1bfe586c677e4860 2025-12-07 15:01:49+00:00| seen| https://gist.github.com/pxlvoid/2dee87e481533f31473871df69b485dc...

5.8AI score
Exploits0References2
Cvelist
Cvelist
added 2025/11/26 10:14 p.m.9 views

CVE-2019-25226 Dongyoung Media DM-AP240T/W Unauthenticated Configuration Disclosure

Dongyoung Media DM-AP240T/W wireless access points contain an unauthenticated configuration disclosure vulnerability in the /cgi-bin/syssystemconfig management endpoint. The endpoint allows remote retrieval of a compressed configuration archive without requiring authentication or authorization. T...

8.7CVSS0.0048EPSS
Exploits0References4
Rows per page
Query Builder