CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

A cross-site scripting XSS vulnerability in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the name of a visiting Wi-Fi network...

7.3CVSS5.5AI score0.00412EPSS

Exploits1References1

Vulnrichment•added 2025/08/04 12:0 a.m.•4 views

CVE-2025-26065

5.6AI score0.00412EPSS

Exploits1References3

NVD•added 2025/05/30 3:15 a.m.•8 views

CVE-2025-44619

Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication...

9.1CVSS0.00212EPSS

Exploits0References2

Cvelist•added 2025/05/30 12:0 a.m.•13 views

CVE-2025-44619

Tinxy WiFi Lock Controller v1 RF was discovered to be configured to transmit on an open Wi-Fi network, allowing attackers to join the network without authentication...

0.00212EPSS

Exploits0References2

CVE•added 2025/05/30 12:0 a.m.•48 views

CVE-2025-44619

The CVE-2025-44619 entry concerns Tinxy WiFi Lock Controller v1 RF, which is reported to be configured to transmit on an open Wi‑Fi network. Root cause: device configured for unauthenticated network access. Impact: attackers could join the network without authentication, potentially leading to un...

9.1CVSS7.4AI score0.00212EPSS

Exploits0References2Affected Software1

RedhatCVE•added 2025/05/23 9:42 a.m.•8 views

CVE-2024-23726

Ubee DDW365 XCNDDW365 devices have predictable default WPA2 PSKs that could lead to unauthorized remote access. A remote attacker in proximity to a Wi-Fi network can derive the default WPA2-PSK value by observing a beacon frame. A PSK is generated by using the first six characters of the SSID and...

8.8CVSS7AI score0.00703EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 8:49 a.m.•5 views

CVE-2024-41689

This vulnerability exists in SyroTech SY-GPON-1110-WDONT Router due to unencrypted storing of WPA/ WPS credentials within the router's firmware/ database. An attacker with physical access could exploit this by extracting the firmware and reverse engineer the binary data to access the plaintext WP...

5.2CVSS6.9AI score0.00012EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 11:16 p.m.•3 views

CVE-2022-36381

OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary OS commands via unspecified vectors...

7.2CVSS8.2AI score0.05059EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 10:51 p.m.•5 views

CVE-2022-36293

Buffer overflow vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows an attacker with an administrative privilege to execute arbitrary code via unspecified vectors...

7.2CVSS8.2AI score0.02278EPSS

Exploits0References1

RedhatCVE•added 2025/05/22 3:34 p.m.•4 views

CVE-2020-36245

GramAddict through 1.2.3 allows remote attackers to execute arbitrary code because of use of UIAutomator2 and ATX-Agent. The attacker must be able to reach TCP port 7912, e.g., by being on the same Wi-Fi network...

8.8CVSS7.9AI score0.0036EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by