19026 matches found
EUVD-2026-21990
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30809
Improper Neutralization of Special Elements used in an OS Command vulnerability allows OS Command Injection via WebServerModuleDebug. This issue affects Pandora FMS: from 777 through 800...
CVE-2026-30809
The vulnerability CVE-2026-30809 affects Pandora FMS with WebServerModuleDebug in versions 777–800, caused by improper neutralization of special elements in OS commands (OS Command Injection). The CVE List also notes that this can lead to remote code execution. Attack vector is network with no us...
CVE-2026-33858
Dag Authors, who normally should not be able to execute code in the webserver context could craft XCom payload causing the webserver to execute arbitrary code. Since Dag Authors are already highly trusted, severity of this issue is Low. Users are recommended to upgrade to Apache Airflow 3.2.0,...
EUVD-2026-21908
LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...
GHSA-7549-GGPQ-22W8 Duplicate Advisory: LibreNMS is Vulnerable to Remote Code Execution by Arbitrary File Write
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-pr3g-phhr-h8fh. This link is maintained to preserve external references. Original Description LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing...
CVE-2026-6204
LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...
CVE-2026-6204
LibreNMS is affected (versions before 26.3.0) by an authenticated remote code execution vulnerability via the Binary Locations config and Netcommand feature. Exploitation requires administrative privileges and could compromise the underlying web server. Affected component is the software’s web in...
CVE-2026-6204
LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...
CVE-2026-6204
LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...
PT-2026-32331
LibreNMS versions before 26.3.0 are affected by an authenticated remote code execution vulnerability by abusing the Binary Locations config and the Netcommand feature. Successful exploitation requires administrative privileges. Exploitation could result in compromise of the underlying web server...
EUVD-2026-21722
A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2026-6124 Tenda F451 httpd SafeMacFilter fromSafeMacFilter stack-based overflow
A vulnerability was determined in Tenda F451 1.0.0.7. This vulnerability affects the function fromSafeMacFilter of the file /goform/SafeMacFilter of the component httpd. Executing a manipulation of the argument page/menufacturer can lead to stack-based buffer overflow. The attack can be executed...
CVE-2026-6122
A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2026-6123 Tenda F451 httpd addressNat fromAddressNat stack-based overflow
A vulnerability was found in Tenda F451 1.0.0.7. This affects the function fromAddressNat of the file /goform/addressNat of the component httpd. Performing a manipulation of the argument entrys results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has...
CVE-2026-6122
A vulnerability has been found in Tenda F451 1.0.0.7. Affected by this issue is the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Such manipulation of the argument page leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been...
CVE-2026-6122
CVE-2026-6122 affects Tenda F451 1.0.0.7. The issue occurs in the httpd component, specifically the function frmL7ProtForm in /goform/L7Prot, where manipulation of the argument page leads to a stack-based buffer overflow. The vulnerability is remotely exploitable over the network, and public disc...
Tenda F451 安全漏洞
The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the improper handling of the page parameter in the fmtL7ProtForm function within the httpd component, which may lead to a...
PT-2026-32153
A vulnerability was detected in Tenda F451 1.0.0.7. Affected is the function fromDhcpListClient of the file /goform/DhcpListClient of the component httpd. The manipulation of the argument page results in stack-based buffer overflow. The attack can be launched remotely. The exploit is now public a...
Tenda F451 安全漏洞
The Tenda F451 is a wireless router produced by the Chinese company Tenda. Version 1.0.0.7 of the Tenda F451 contains a security vulnerability. This vulnerability stems from the improper handling of the parameter entrys in the fromAddressNat function within the httpd component, potentially leadin...