Lucene search
K

62 matches found

NVD
NVD
added 2026/02/25 7:16 a.m.9 views

CVE-2026-3168

A weakness has been identified in Tenda F453 1.0.0.3. This affects the function fromNatStaticSetting of the file /goform/NatStaticSetting of the component httpd. Executing a manipulation of the argument page can lead to buffer overflow. The attack may be launched remotely. The exploit has been ma...

9CVSS0.03248EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2026/01/08 3:14 a.m.3 views

CVE-2025-15472

A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be use...

8.6CVSS6.6AI score0.20097EPSS
Exploits1References1
NVD
NVD
added 2026/01/07 12:16 p.m.5 views

CVE-2025-15472

A flaw has been found in TRENDnet TEW-811DRU 1.0.2.0. This affects the function setDeviceURL of the file uapply.cgi of the component httpd . This manipulation of the argument DeviceURL causes os command injection. The attack can be initiated remotely. The exploit has been published and may be...

8.6CVSS0.20097EPSS
Exploits1References4
NVD
NVD
added 2025/12/30 4:15 p.m.9 views

CVE-2025-15255

A vulnerability was determined in Tenda W6-S 1.0.0.4510. This impacts an unknown function of the file /bin/httpd of the component R7websSsecurityHandler. Executing a manipulation of the argument Cookie can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has...

10CVSS0.03923EPSS
Exploits1References5
CNNVD
CNNVD
added 2025/12/30 12:0 a.m.5 views

Tenda W6-S 安全漏洞

Tenda W6-S is a wireless access point device from Tenda China. A security vulnerability exists in Tenda W6-S version 1.0.0.4, which originates from an incorrect manipulation of the file /bin/httpd parameter cookie in the component R7websSecurityHandler, which could result in a stack buffer overfl...

10CVSS7.6AI score0.03923EPSS
Exploits1References5
NVD
NVD
added 2025/12/13 7:15 p.m.6 views

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3CVSS0.00249EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2025/12/13 7:2 p.m.3 views

CVE-2025-14636

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function imagecheck of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level is associated with this attack. It is indicated that the...

6.3CVSS4.8AI score0.00249EPSS
Exploits1References5Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/22 12:0 a.m.5 views

PT-2025-43381

Name of the Vulnerable Software and Affected Versions Devolutions Server versions 2025.2.15.0 and earlier Description An improper input validation exists in the Security Dashboard's ignored-tasks API. An authenticated user can send a crafted request to cause a denial of service to the Security...

5.1CVSS6.3AI score0.00406EPSS
Exploits0References8
OSV
OSV
added 2025/10/21 8:20 p.m.6 views

CVE-2025-62287

Vulnerability in the Oracle Life Sciences InForm product of Oracle Health Sciences Applications component: Web Server. The supported version that is affected is 7.0.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Life Science...

6.1CVSS5.8AI score0.00175EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-52427

Malicious code in bioql PyPI...

9CVSS9.1AI score0.00843EPSS
Exploits0References3
NVD
NVD
added 2025/08/14 7:15 a.m.42 views

CVE-2025-8949

A vulnerability was identified in D-Link DIR-825 2.10. Affected by this vulnerability is the function getpingappstat of the file pingresponse.cgi of the component httpd. The manipulation of the argument pingipaddr leads to stack-based buffer overflow. The attack can be launched remotely. The...

9.8CVSS0.00858EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/07/27 4:14 p.m.15 views

CVE-2025-34136

An SQL injection vulnerability exists in Commvault 11.32.0 - 11.32.93, 11.36.0 - 11.36.51, and 11.38.0 - 11.38.19 Web Server component that allows a remote, unauthenticated attacker to perform SQL Injection. The vulnerability impacts systems where the CommServe and Web Server roles are installed...

6.9CVSS7.5AI score0.00464EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/25 12:0 a.m.6 views

PT-2025-30892 · Commvault · Commvault

Name of the Vulnerable Software and Affected Versions: Commvault versions 11.32.0 through 11.32.93 Commvault versions 11.36.0 through 11.36.51 Commvault versions 11.38.0 through 11.38.19 Description: An SQL injection vulnerability exists in the Web Server component that could allow a remote,...

6.9CVSS7.1AI score0.00464EPSS
Exploits0References4
OSV
OSV
added 2025/05/11 7:15 p.m.3 views

CVE-2025-4544

A vulnerability was found in D-Link DI-8100 up to 16.07.26A1 and classified as critical. This issue affects some unknown processing of the file /ddos.asp of the component jhttpd. The manipulation of the argument defmax/deftime/deftcpmax/deftcptime/defudpmax/defudptime/deficmpmax leads to...

7.2CVSS5.9AI score0.0654EPSS
Exploits1References5
OSV
OSV
added 2024/04/09 5:15 p.m.2 views

CVE-2024-26219

HTTP.sys Denial of Service Vulnerability...

7.5CVSS7.3AI score0.03137EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/02/08 12:0 a.m.5 views

PT-2024-20319 · Cellinx · Cellinx Nvt Web Server

Name of the Vulnerable Software and Affected Versions: Cellinx NVT Web Server version 5.0.0.014 Description: An issue in the component /cgi-bin/GetJsonValue.cgi allows attackers to leak configuration information via a crafted POST request to the "GetJsonValue.cgi" endpoint. Recommendations: For...

5.3CVSS5AI score0.005EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2023/07/11 6:15 p.m.5 views

CVE-2023-35298

HTTP.sys Denial of Service Vulnerability...

7.5CVSS5.8AI score0.01564EPSS
Exploits0References2Affected Software3
OSV
OSV
added 2023/02/01 2:15 p.m.3 views

CVE-2023-0613

A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation leads to memory corruption. The attack can be launched remotely. The...

7.5CVSS6.6AI score0.00933EPSS
Exploits1References2
OSV
OSV
added 2022/09/21 6:15 p.m.6 views

CVE-2022-30578

The Web Server component of TIBCO Software Inc.'s TIBCO EBX Add-ons contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting XSS on the affected system. A successful attack using this vulnerability requires human...

9CVSS5.9AI score0.00843EPSS
Exploits0References3
OSV
OSV
added 2022/05/18 5:15 p.m.8 views

CVE-2022-22776

The Web Server component of TIBCO Software Inc.'s TIBCO BusinessConnect Trading Community Management contains easily exploitable vulnerabilities that allows a low privileged attacker with network access to execute Stored Cross Site Scripting XSS on the affected system. A successful attack using...

5.4CVSS6.2AI score0.00526EPSS
Exploits0References2
Rows per page
Query Builder