19025 matches found
CVE-2026-32649
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...
OpenClaw 安全漏洞
OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from an issue in chat.send, which allowed for privilege escalation. This could potentially allow attackers t...
PT-2026-35675
Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A security flaw exists in the request handling of the web server component. Under certain conditions, this issue could allow unintended access to protected...
Milesight Cameras 操作系统命令注入漏洞
Milesight Cameras are a series of network video monitoring cameras produced by the Chinese company Milesight. The Milesight Cameras have a vulnerability related to operating system command injection, which stems from command injections occurring on the web server...
EUVD-2026-25958
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...
CVE-2026-32649
CVE-2026-32649 describes a command injection vulnerability in the web server of specific firmware versions on Milesight cameras. The affected surface is the camera web server, with the root cause stated as a command injection flaw. Impact metrics indicate high impact to confidentiality, integrity...
CVE-2026-32649
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...
CVE-2026-32649 Milesight Cameras OS Command Injection
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...
CVE-2026-32649 Milesight Cameras OS Command Injection
A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...
CVE-2026-7139
A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mode causes os command injection. The attack is possible to be carried out remotely. The...
CVE-2026-41465
ProjeQtor versions 7.0 through 12.4.3 contain a path traversal vulnerability in the log file viewer at dynamicDialog.php where the logname parameter is not validated against directory traversal sequences before constructing file paths. Authenticated attackers can inject directory traversal...
CVE-2026-7035
A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has be...
GHSA-27VM-5VPJ-RP5G Apache Camel Vulnerable to Authentication Bypass Using an Alternate Path or Channel
When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...
CVE-2026-7102
A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...
CLSA-2026-1777279578 java-11-openjdk: Fix of 6 CVEs
Upgrade to openjdk-11.0.30+7 GA. The following CVEs were fixed: - CVE-2026-21945: enhance certificate checking - CVE-2026-21932: enhance handling of URIs - CVE-2026-21933: improve HttpServer request handling - CVE-2026-21925: improve JMX connections - CVE-2025-64720: update libpng to 1.6.51 -...
CVE-2026-7100 Tenda F456 httpd Natlimit fromNatlimitof buffer overflow
A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...
EUVD-2026-25800
A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...
CVE-2026-7100 Tenda F456 httpd Natlimit fromNatlimitof buffer overflow
A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...
EUVD-2026-25765
A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been...
EUVD-2026-25764
A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now...