Lucene search
K

19025 matches found

CNNVD
CNNVD
added 2026/04/30 12:0 a.m.8 views

Dbit N300 T1 Pro 资源管理错误漏洞

The Dbit N300 T1 Pro is a wireless router device produced by the Dbit company. The Dbit N300 T1 Pro V1.0.0 version has a resource management vulnerability. This vulnerability stems from a denial-of-service attack in the boa Web server URI handler, which could allow attackers to exhaust system...

7.5CVSS5.8AI score0.00344EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2026/04/30 12:0 a.m.4 views

CVE-2026-36957

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

5.4AI score0.00344EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.6 views

PT-2026-36089

Name of the Vulnerable Software and Affected Versions JetBrains IntelliJ IDEA versions prior to 2024.3.7.1 JetBrains IntelliJ IDEA versions prior to 2025.1.7.1 JetBrains IntelliJ IDEA versions prior to 2025.2.6.2 JetBrains IntelliJ IDEA versions prior to 2025.3.4.1 JetBrains IntelliJ IDEA version...

7.5CVSS5.9AI score0.00401EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.9 views

HP Printer Cross-Site Request Forgery (CVE-2009-0940)

Multiple cross-site request forgery CSRF vulnerabilities in the HP Embedded Web Server EWS on HP LaserJet Printers, Edgeline Printers, and Digital Senders allow remote attackers to hijack the intranet connectivity of arbitrary users for requests that 1 print documents via unknown vectors, 2 modif...

5.1CVSS5.8AI score0.01082EPSS
Exploits1References2
ATTACKERKB
ATTACKERKB
added 2026/04/30 12:0 a.m.5 views

CVE-2026-36957

Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router V1.0.0 is vulnerable to Denial of Service via the boa web server URI handler. By initiating a high-volume flood of HTTP GET requests to non-existent URIs, an attacker can exhaust critical system resources, including file descriptors and memory...

7.5CVSS5.4AI score0.00344EPSS
Exploits2References3
CNNVD
CNNVD
added 2026/04/30 12:0 a.m.11 views

JetBrains IntelliJ IDEA 后置链接漏洞

JetBrains IntelliJ IDEA is an integrated development environment for Java language developed by the Czech company JetBrains. Versions of JetBrains IntelliJ IDEA prior to 2024.3.7.1, 2025.1.7.1, 2025.2.6.2, 2025.3.4.1, and 2026.1.1 have a post-link vulnerability. This vulnerability stems from issu...

7.5CVSS5.9AI score0.00401EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/30 12:0 a.m.5 views

PT-2026-36104

A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the...

7.5CVSS5.3AI score0.00344EPSS
Exploits2References3
EUVD
EUVD
added 2026/04/30 12:0 a.m.4 views

EUVD-2026-26379

A denial-of-service vulnerability exists in the U-SPEED N300 V1.0.0 wireless router. By sending a large number of concurrent HTTP requests to random or non-existent endpoints on the web management interface, an attacker can exhaust system resources in the embedded Boa HTTP server. This causes the...

7.5CVSS5.4AI score0.00344EPSS
Exploits2References2
Tenable Nessus
Tenable Nessus
added 2026/04/30 12:0 a.m.3 views

HP Printer Weak Password Requirement (CVE-2009-0941)

The HP Embedded Web Server EWS on HP LaserJet Printers, Edgeline Printers, and Digital Senders has no management password by default, which makes it easier for remote attackers to obtain access. This plugin only works with Tenable.ot. Please visit https://www.tenable.com/products/tenable-ot for...

7.6CVSS5.8AI score0.0302EPSS
Exploits0References2
GithubExploit
GithubExploit
added 2026/04/29 8:33 p.m.74 views

Exploit for CVE-2026-36957

CVE-2026-36957: Denial of Service via HTTP Flood on Boa Web Se...

5.5AI score0.00344EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2026/04/29 2:49 p.m.7 views

CVE-2026-7102

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

8.8CVSS6.2AI score0.03024EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/29 2:48 p.m.7 views

CVE-2026-7202

A vulnerability has been found in Totolink A8000RU 7.1cu.643b20200521. This affects the function setWiFiWpsStart of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument wscDisabled leads to os command injection. The attack can be initiated remotely. The...

10CVSS8.1AI score0.02448EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/29 12:0 a.m.11 views

Starman 环境问题漏洞

Starman is a high-performance pre-derived web server developed by Tatsuhiko Miyagawa. Versions of Starman prior to 0.4018 contained an environmental issue vulnerability. This vulnerability stemmed from the HTTP request intercalation technique. Due to improper handling of header priorities, Starma...

7.5CVSS5.8AI score0.00487EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2026/04/29 12:0 a.m.7 views

CVE-2026-40560

Starman versions before 0.4018 for Perl allows HTTP Request Smuggling via Improper Header Precedence. Starman incorrectly prioritizes "Content-Length" over "Transfer-Encoding: chunked" when both headers are present in an HTTP request. Per RFC 7230 3.3.3, Transfer-Encoding must take precedence. An...

7.5CVSS5.8AI score0.00487EPSS
Exploits0References2
NVD
NVD
added 2026/04/28 8:16 a.m.12 views

CVE-2024-54013

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the...

8.8CVSS0.00193EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/04/28 7:6 a.m.35 views

CVE-2024-54013 Authentication Bypass

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the...

8.7CVSS0.00193EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/04/28 7:6 a.m.4 views

CVE-2024-54013

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the...

8.7CVSS5.4AI score0.00193EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/04/28 7:6 a.m.4 views

CVE-2024-54013 Authentication Bypass

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the...

8.7CVSS5.3AI score0.00193EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/28 7:6 a.m.14 views

EUVD-2024-55560

Penetration Testing engineers at Amazon have identified a security flaw related to request handling in the web server component that could, under certain conditions, lead to unintended access to protected functions. The manufacturer has released patch firmware for the flaw, please refer to the...

8.7CVSS5.3AI score0.00193EPSS
Exploits0References1
CVE
CVE
added 2026/04/28 7:6 a.m.13 views

CVE-2024-54013

CVE-2024-54013 affects the web server component of Hanwha Vision products, where a flaw in request handling could allow unauthorized access to protected functions. The issue is supported by a manufacturer-reported patch/firmware update; the CVSS 4.0 base score is 8.7 (HIGH), with adjacent attack ...

8.8CVSS5.4AI score0.00193EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder