Lucene search
K

19025 matches found

NVD
NVD
added 2026/04/28 1:16 a.m.6 views

CVE-2026-32649

A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...

7.3CVSS0.00863EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

OpenClaw 安全漏洞

OpenClaw is an open-source intelligent artificial assistant developed by OpenClaw. Versions of OpenClaw prior to 2026.3.28 contained security vulnerabilities. These vulnerabilities stemmed from an issue in chat.send, which allowed for privilege escalation. This could potentially allow attackers t...

8.5CVSS5.8AI score0.00255EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/04/28 12:0 a.m.8 views

PT-2026-35675

Name of the Vulnerable Software and Affected Versions The product name cannot be determined affected versions not specified Description A security flaw exists in the request handling of the web server component. Under certain conditions, this issue could allow unintended access to protected...

8.8CVSS5.8AI score0.00193EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/04/28 12:0 a.m.9 views

Milesight Cameras 操作系统命令注入漏洞

Milesight Cameras are a series of network video monitoring cameras produced by the Chinese company Milesight. The Milesight Cameras have a vulnerability related to operating system command injection, which stems from command injections occurring on the web server...

7.3CVSS5.8AI score0.00863EPSS
Exploits0References1
EUVD
EUVD
added 2026/04/27 11:42 p.m.6 views

EUVD-2026-25958

A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...

7.3CVSS5.2AI score0.00863EPSS
Exploits0References3
CVE
CVE
added 2026/04/27 11:42 p.m.9 views

CVE-2026-32649

CVE-2026-32649 describes a command injection vulnerability in the web server of specific firmware versions on Milesight cameras. The affected surface is the camera web server, with the root cause stated as a command injection flaw. Impact metrics indicate high impact to confidentiality, integrity...

7.3CVSS5.3AI score0.00863EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/27 11:42 p.m.3 views

CVE-2026-32649

A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...

7.3CVSS5.2AI score0.00863EPSS
Exploits0References4
Cvelist
Cvelist
added 2026/04/27 11:42 p.m.30 views

CVE-2026-32649 Milesight Cameras OS Command Injection

A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...

7.3CVSS0.00863EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/04/27 11:42 p.m.10 views

CVE-2026-32649 Milesight Cameras OS Command Injection

A command injection vulnerability exists in the web server of specific firmware versions of Milesight cameras...

7.3CVSS5.2AI score0.00863EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/04/27 4:15 p.m.8 views

CVE-2026-7139

A flaw has been found in Totolink A8000RU 7.1cu.643b20200521. This issue affects the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. This manipulation of the argument mode causes os command injection. The attack is possible to be carried out remotely. The...

10CVSS5.2AI score0.01766EPSS
Exploits0References5Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/04/27 3:10 p.m.3 views

CVE-2026-41465

ProjeQtor versions 7.0 through 12.4.3 contain a path traversal vulnerability in the log file viewer at dynamicDialog.php where the logname parameter is not validated against directory traversal sequences before constructing file paths. Authenticated attackers can inject directory traversal...

7.1CVSS5.9AI score0.00541EPSS
Exploits0References5Affected Software1
RedhatCVE
RedhatCVE
added 2026/04/27 1:22 p.m.7 views

CVE-2026-7035

A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Executing a manipulation of the argument Go can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has be...

9CVSS8.9AI score0.00619EPSS
Exploits1References1
OSV
OSV
added 2026/04/27 12:30 p.m.4 views

GHSA-27VM-5VPJ-RP5G Apache Camel Vulnerable to Authentication Bypass Using an Alternate Path or Channel

When authentication is enabled on the Apache Camel embedded HTTP server or embedded management server camel-platform-http-main and a non-root context path such as /api or /admin is configured via camel.server.path or camel.management.path, the BasicAuthenticationConfigurer and...

8.2CVSS5.8AI score0.00622EPSS
Exploits0References10
NVD
NVD
added 2026/04/27 9:16 a.m.6 views

CVE-2026-7102

A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipulation of the argument mac results in command injection. The attack can be executed remotely. The exploit has been made public and could be...

8.8CVSS0.03024EPSS
Exploits1References5
OSV
OSV
added 2026/04/27 8:46 a.m.7 views

CLSA-2026-1777279578 java-11-openjdk: Fix of 6 CVEs

Upgrade to openjdk-11.0.30+7 GA. The following CVEs were fixed: - CVE-2026-21945: enhance certificate checking - CVE-2026-21932: enhance handling of URIs - CVE-2026-21933: improve HttpServer request handling - CVE-2026-21925: improve JMX connections - CVE-2025-64720: update libpng to 1.6.51 -...

7.5CVSS6.4AI score0.00864EPSS
Exploits6References1
Vulnrichment
Vulnrichment
added 2026/04/27 7:45 a.m.5 views

CVE-2026-7100 Tenda F456 httpd Natlimit fromNatlimitof buffer overflow

A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

9CVSS8.6AI score0.00619EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/27 7:45 a.m.7 views

EUVD-2026-25800

A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

9CVSS5.9AI score0.00619EPSS
Exploits1References5
Cvelist
Cvelist
added 2026/04/27 7:45 a.m.29 views

CVE-2026-7100 Tenda F456 httpd Natlimit fromNatlimitof buffer overflow

A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing a manipulation can lead to buffer overflow. The attack may be launched remotely. The exploit has been published and may be used...

9CVSS0.00619EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/27 3:15 a.m.6 views

EUVD-2026-25765

A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component httpd. Executing a manipulation of the argument Go can lead to buffer overflow. The attack can be executed remotely. The exploit has been...

9CVSS6AI score0.00619EPSS
Exploits1References5
EUVD
EUVD
added 2026/04/27 3:0 a.m.5 views

EUVD-2026-25764

A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Performing a manipulation of the argument dips results in buffer overflow. Remote exploitation of the attack is possible. The exploit is now...

9CVSS5.7AI score0.00619EPSS
Exploits1References5
Rows per page
Query Builder