Lucene search
K

2766 matches found

Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.9 views

CVE-2026-36815

Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the hostname parameter of the formSetNetCheckTools function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.11 views

CVE-2026-36793

Shenzhen Tenda Technology Co., Ltd Tenda W3 Wireless Router v1.0.0.32204 was discovered to contain multiple stack overflows in the formwrlSSIDset function via the mitssid and misssidindex parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.5AI score0.00397EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.8 views

CVE-2026-36819

Shenzhen Tenda Technology Co., Ltd Tenda W20E v15.11.0.6 was discovered to contain a buffer overflow in the bindMACAddr parameter of the fromSetDhcpRules function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.9AI score0.00309EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/09 12:0 a.m.9 views

CVE-2026-36784

Shenzhen Tenda Technology Co., Ltd Tenda O3 Wireless Router v1.0.0.54180 was discovered to contain a stack overflow in the ip parameter of the fromNetToolGet function. This vulnerability allows attackers to cause a Denial of Service DoS via a HTTP request...

5.5AI score0.00329EPSS
Exploits0References1
CVE
CVE
added 2026/06/09 12:0 a.m.17 views

CVE-2026-36808

CVE-2026-36808 affects Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10. The issue is a buffer overflow in the webAuthUserInfo parameter of the formAddWebAuthUser function, leading to Denial of Service via a crafted HTTP request. Connected sources (Red Hat, NVD, CVE lists) confirm the sa...

7.5CVSS5.9AI score0.00309EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/08 12:0 a.m.15 views

PT-2026-47297

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

5.5AI score0.00529EPSS
Exploits0References2
EUVD
EUVD
added 2026/06/08 12:0 a.m.12 views

EUVD-2026-35076

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

7.5CVSS5.5AI score0.00529EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/08 12:0 a.m.42 views

CVE-2026-36789

Shenzhen Tenda Technology Co., Ltd Tenda AC1206 v15.03.06.23 was discovered to contain multiple stack overflows in the fromGstDhcpSetSer function via the username and password parameters. These vulnerabilities allow attackers to cause a Denial of Service DoS via a crafted HTTP request...

0.00529EPSS
Exploits0References1
CVE
CVE
added 2026/06/08 12:0 a.m.24 views

CVE-2026-36786

CVE-2026-36786 affects Shenzhen Tenda Technology Co., Ltd Tenda FH451 V1.0.0.9. The issue is a stack overflow in the list1 parameter of the fromDhcpListClient function, enabling a Denial of Service via a crafted HTTP request. Affected component is the fromDhcpListClient path handling DHCP list da...

7.5CVSS5.6AI score0.00415EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/07 7:15 a.m.13 views

EUVD-2026-34986

A vulnerability was identified in Chanjet CRM 1.0. This affects an unknown part of the file /tools/jxfdumpsystable.php of the component HTTP GET Request Handler. Such manipulation of the argument gblOrgID leads to sql injection. The attack may be launched remotely. The exploit is publicly availab...

7.5CVSS7AI score0.0026EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/06/07 12:0 a.m.11 views

Chanjet CRM SQL注入漏洞

Chanjet CRM is a customer relationship management system developed by Chanjet Corporation. Version 1.0 of Chanjet CRM has a SQL injection vulnerability. This vulnerability stems from incorrect handling of the parameter gblOrgID in the HTTP GET Request Handler component...

7.5CVSS7.5AI score0.0026EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/06 6:43 p.m.21 views

CVE-2026-44902

A flaw was found in opentelemetry-js, specifically within the OpenTelemetry JavaScript JS Prometheus exporter. A remote attacker could exploit this vulnerability by sending a single malformed HTTP request to the metrics endpoint. This lack of proper error handling during URL parsing can cause an...

7.5CVSS5.9AI score0.00455EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/06/05 7:48 p.m.11 views

CVE-2026-36957

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

7.5CVSS5.5AI score0.00323EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:44 p.m.9 views

CVE-2026-26461

A Command Injection vulnerability in the web management interface in Aver PTC320UV2 0.1.0000.65 allows an unauthenticated attacker to execute arbitrary commands via a crafted web request...

6.5CVSS5.9AI score0.00816EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:37 p.m.10 views

CVE-2026-41691

Copilot said: i18nextify is a JavaScript library that adds i18nextify is a JavaScript library that adds website internationalization via a script tag, without source code changes. Versions prior to 3.0.5 interpolate the lng and ns values directly into the configured loadPath / addPath URL templat...

9.1CVSS5.4AI score0.00251EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:29 p.m.13 views

CVE-2026-20060

A vulnerability in the web-based management interface of Cisco Unity Connection could allow an unauthenticated, remote attacker to redirect a user to a malicious web page. This vulnerability is due to improper input validation of HTTP request parameters. An attacker could exploit this vulnerabili...

4.7CVSS5.5AI score0.00202EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.12 views

CVE-2026-7256

UNSUPPORTED WHEN ASSIGNED A command injection vulnerability in the CGI program of Zyxel WRE6505 v2 firmware version V1.00ABDV.3C0 could allow an adjacent attacker on the LAN to execute operating system OS commands on a vulnerable device by sending a crafted HTTP request...

8.8CVSS5.7AI score0.01007EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.9 views

CVE-2026-7287

UNSUPPORTED WHEN ASSIGNED A buffer overflow vulnerability in the formWep, formWlAc, formPasswordSetup, formUpgradeCert, and formDelcert functions of the “webs” binary in Zyxel NWA1100-N customized firmware version 1.00AACE.1C0 could allow an attacker to trigger a denial-of-service DoS condition b...

7.5CVSS5.8AI score0.00309EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/05 11:31 a.m.13 views

EUVD-2026-34825

A Server-Side Request Forgery SSRF vulnerability in the custom process creation feature of linqi allows an authenticated attacker to probe internal network components. By crafting a specific process containing an HTTP Request component, an attacker can force the server to send arbitrary HTTP...

5.3CVSS5.6AI score0.00226EPSS
Exploits0References1
CVE
CVE
added 2026/06/05 12:0 a.m.21 views

CVE-2026-36785

CVE-2026-36785 affects Tenda FH451 V1.0.0.9. A stack overflow in the fromDhcpListClient function’s handling of the page parameter can cause a Denial of Service via a crafted HTTP request. Public sources in the provided documents confirm the vulnerable component/function and the DoS impact; no rem...

7.5CVSS5.5AI score0.00357EPSS
Exploits0References2
Rows per page
Query Builder