Search
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-9521 | high | 7.3 | 7.3 | 11d ago | A security vulnerability has been detected in fraillt bitsery up to 5.2.4. Affected is the function loadFromSharedState in the library include/bitsery/ext/std_smart_ptr.h. Such manipulation leads to … | |||
| CVE-2026-42497 | high | 7.5 | 7.5 | debian windows | archive\ | 11d ago | Archive::Tar versions before 3.08 for Perl extract hardlinks to attacker controlled paths outside the extraction directory. _make_special_file() passes the tar header's linkname to link() without va… | |
| CVE-2026-9517 | high | 7.3 | 7.3 | 11d ago | A vulnerability was determined in hemant6488 CodeIgniter-StudentManagementSystem. The affected element is an unknown function of the file /index.php/students/addStudentView of the component Student M… | |||
| CVE-2026-8092 | high | 8.1 | 8.1 | FIX | rhel debian sles | mozilla | 11d ago | Memory safety bugs present in Firefox ESR 115.35.1, Firefox ESR 140.10.1 and Firefox 150.0.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of th… |
| CVE-2026-8090 | high | 7.3 | 7.3 | FIX | rhel debian sles | mozilla | 11d ago | Use-after-free in the DOM: Networking component. This vulnerability was fixed in Firefox 150.0.2, Firefox ESR 140.10.2, Firefox ESR 115.35.2, Thunderbird 150.0.2, and Thunderbird 140.10.2. |
| CVE-2026-42014 | high | — | 8.0 | FIX | debian sles rhel | 11d ago | RHSA-2026:20612: gnutls security update (Important) | |
| CVE-2026-48837 | high | 8.5 | 8.5 | 11d ago | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Unlimited Elements For Elementor allows Blind SQL Injection. This issue affects Unlimited Elemen… | |||
| CVE-2026-45438 | high | 7.5 | 7.5 | 11d ago | Missing Authorization vulnerability in WebToffee Smart Coupons for WooCommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Smart Coupons for WooCommer… | |||
| CVE-2026-45216 | high | 8.8 | 8.8 | 11d ago | Incorrect Privilege Assignment vulnerability in StoreApps Smart Manager allows Privilege Escalation. This issue affects Smart Manager: from n/a through 8.85.0. | |||
| CVE-2026-45209 | high | 7.5 | 7.5 | 11d ago | Missing Authorization vulnerability in edward_plainview MyCryptoCheckout allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects MyCryptoCheckout: from n/a throug… | |||
| CVE-2026-39436 | high | 7.1 | 7.1 | 11d ago | Cross-Site Request Forgery (CSRF) vulnerability in bgermann CformsII allows Cross Site Request Forgery. This issue affects CformsII: from n/a through 15.1.3. | |||
| CVE-2026-24937 | high | 7.2 | 7.2 | 11d ago | Improper Control of Generation of Code ('Code Injection') vulnerability in VideoWhisper.Com Broadcast Live Video allows Code Injection. This issue affects Broadcast Live Video: from n/a before 7.1.3. | |||
| CVE-2026-48848 | high | 7.2 | 7.2 | FIX | debian | 11d ago | Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7 has insufficient HTML sanitization that could lead to Cascading Style Sheets (CSS) injection via an SVG document that has an animate element… | |
| CVE-2026-48844 | high | 7.5 | 7.5 | FIX | debian | 11d ago | Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has insecure code evaluation logic in LDAP the autovalues option that could lead to code injection. (Support for code evaluation has been … | |
| CVE-2026-48843 | high | 7.2 | 7.2 | FIX | debian | 11d ago | Roundcube Webmail 1.6.x between 1.6.14 and 1.6.16,and 1.7.x before 1.7.1 has Insufficient Cascading Style Sheets (CSS) sanitization in HTML e-mail messages may lead to SSRF or Information Disclosure,… | |
| CVE-2026-48842 | high | 8.1 | 8.1 | FIX | debian | 11d ago | Roundcube Webmail 1.6.x before 1.6.16 and 1.7.x before 1.7.1 has Pre-authentication SQL injection in the virtuser_query plugin via a preg_replace() backslash escape bypass. | |
| CVE-2026-9482 | high | 8.8 | 8.8 | 11d ago | A vulnerability has been found in Edimax EW-7438RPn 1.31. This impacts the function formSDHCP of the file /goform/formSDHCP. Such manipulation of the argument submit-url leads to stack-based buffer o… | |||
| CVE-2026-9481 | high | 8.8 | 8.8 | 11d ago | A flaw has been found in Edimax EW-7438RPn 1.31. This affects the function formStats of the file /goform/formStats. This manipulation of the argument submit-url causes stack-based buffer overflow. Th… | |||
| CVE-2026-9480 | high | 8.8 | 8.8 | 11d ago | A vulnerability was detected in Edimax EW-7438RPn 1.31. The impacted element is the function formrefresh of the file /goform/formrefresh. The manipulation of the argument submit-url results in stack-… | |||
| CVE-2026-9479 | high | 8.8 | 8.8 | 11d ago | A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The affected element is the function formLogout of the file /goform/formLogout. The manipulation of the argument submit-url leads… | |||
| CVE-2026-9474 | high | 7.3 | 7.3 | 12d ago | A vulnerability was found in yashpokharna2555 StudentManagementSystem up to cb2f558ddf8d19396de0f92abf2d224d46a0a203. Affected by this issue is the function confirm_logged_in of the file /studentdel.… | |||
| CVE-2026-9470 | high | 7.3 | 7.3 | 12d ago | A security vulnerability has been detected in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. This affects the function confirm_logged_in of the file student_trans.… | |||
| CVE-2026-9469 | high | 7.3 | 7.3 | 12d ago | A weakness has been identified in yashpokharna2555 StudentManagementSystem cb2f558ddf8d19396de0f92abf2d224d46a0a203. The impacted element is an unknown function of the file /success.php. This manipul… | |||
| CVE-2026-42782 | high | 7.2 | 7.2 | apache | 12d ago | Improper Isolation or Compartmentalization vulnerability in Apache Syncope. An administrator with adequate entitlements for Implementations can create a malicious Groovy class containing untrusted c… | ||
| CVE-2026-9465 | high | 7.3 | 7.3 | 12d ago | A vulnerability was found in Tiandy Easy7 Integrated Management Platform 7.17.0. This vulnerability affects unknown code of the file /Easy7/apps/WebService/GetDBDataEx.jsp. Performing a manipulation … | |||
| CVE-2026-9463 | high | 8.8 | 8.8 | 12d ago | A flaw has been found in Edimax EW-7438RPn 1.31. Affected by this issue is the function formLicence of the file /goform/formLicence. This manipulation of the argument submit-url causes stack-based bu… | |||
| CVE-2026-9462 | high | 8.8 | 8.8 | 12d ago | A vulnerability was detected in Edimax EW-7438RPn 1.31. Affected by this vulnerability is the function formWpsProxyEnable of the file /goform/formWpsProxyEnable. The manipulation of the argument subm… | |||
| CVE-2018-25381 | high | 7.1 | 7.1 | 12d ago | Joomla Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through multiple filter parameters. Attackers can injec… | |||
| CVE-2018-25380 | high | 7.1 | 7.1 | 12d ago | Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_s… | |||
| CVE-2018-25377 | high | 8.4 | 8.4 | 12d ago | Flash Slideshow Maker Professional 5.20 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception ha… | |||
| CVE-2018-25376 | high | 8.4 | 8.4 | 12d ago | Socusoft 3GP Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by exploiting structured exception handling… | |||
| CVE-2018-25375 | high | 8.4 | 8.4 | 12d ago | SocuSoft iPod Photo Slideshow 8.05 contains a buffer overflow vulnerability in the registration dialog that allows local attackers to execute arbitrary code by overwriting the structured exception ha… | |||
| CVE-2018-25374 | high | 7.5 | 7.5 | 12d ago | Softneta MedDream PACS Server Premium 6.7.1.1 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by manipulating the path parameter. Attackers … | |||
| CVE-2018-25372 | high | 8.2 | 8.2 | 12d ago | MedDream PACS Server Premium 6.7.1.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the email param… | |||
| CVE-2018-25371 | high | 8.2 | 8.2 | 12d ago | mooSocial Store Plugin 2.6 contains a blind SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries through the product parameter in URL rewrite functionality… | |||
| CVE-2018-25368 | high | 7.5 | 7.5 | 12d ago | Nord VPN 6.14.31 contains a denial of service vulnerability that allows unauthenticated attackers to crash the application by submitting an excessively long string in the password field. Attackers ca… | |||
| CVE-2018-25366 | high | 8.4 | 8.4 | 12d ago | CuteFTP 5.0 XP contains a buffer overflow vulnerability that allows local attackers to execute arbitrary code by injecting malicious payload into the Site Manager label field. Attackers can craft a p… | |||
| CVE-2018-25365 | high | 7.5 | 7.5 | 12d ago | PCViewer vt1000 contains a directory traversal vulnerability that allows unauthenticated attackers to read arbitrary files by submitting relative path sequences in GET requests. Attackers can use pat… | |||
| CVE-2018-25364 | high | 8.2 | 8.2 | 12d ago | Twitter-Clone 1 contains a SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the name parameter. Attackers can sub… | |||
| CVE-2018-25362 | high | 8.2 | 8.2 | 12d ago | Twitter-Clone 1 contains a SQL injection vulnerability in follow.php that allows attackers to manipulate database queries by injecting SQL code through the userid parameter. Attackers can submit unio… | |||
| CVE-2018-25360 | high | 8.4 | 8.4 | 12d ago | AgataSoft Auto PingMaster 1.5 contains a stack-based buffer overflow vulnerability in the Trace Route host name field that allows local attackers to execute arbitrary code by triggering structured ex… | |||
| CVE-2018-25359 | high | 8.4 | 8.4 | 12d ago | Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can … | |||
| CVE-2026-9461 | high | 8.8 | 8.8 | 12d ago | A security vulnerability has been detected in Edimax EW-7438RPn 1.31. Affected is the function formRadius of the file /goform/formRadius. The manipulation of the argument submit-url leads to stack-ba… | |||
| CVE-2026-9460 | high | 8.8 | 8.8 | 12d ago | A weakness has been identified in Edimax EW-7438RPn 1.31. This impacts the function formAccept of the file /goform/formAccept. Executing a manipulation of the argument submit-url can lead to stack-ba… | |||
| CVE-2026-9459 | high | 8.8 | 8.8 | 12d ago | A security flaw has been discovered in Edimax EW-7438RPn 1.31. This affects the function formConnectionSetting of the file /goform/formConnectionSetting. Performing a manipulation of the argument max… | |||
| CVE-2018-25379 | high | 8.2 | 8.2 | 12d ago | Collectric CMU 1.0 contains a boolean-based blind SQL injection vulnerability in the lang parameter that allows unauthenticated attackers to manipulate database queries during authentication. Attacke… | |||
| CVE-2018-25373 | high | 8.4 | 8.4 | 12d ago | SocuSoft DVD Photo Slideshow Professional 8.07 contains a stack-based buffer overflow vulnerability in the registration name field that allows local attackers to execute arbitrary code by exploiting … | |||
| CVE-2026-47073 | high | 7.5 | 7.5 | benoitc | 12d ago | Unbounded memory consumption in WebSocket client in hackney | ||
| CVE-2026-47067 | high | 7.5 | 7.5 | benoitc | 12d ago | Atom table exhaustion via unrecognized URL schemes in hackney | ||
| CVE-2026-47072 | high | 7.5 | 7.5 | benoitc | 12d ago | Improper Neutralization of CRLF Sequences ('CRLF Injection') vulnerability in benoitc hackney allows HTTP Request/Response Splitting. The WebSocket upgrade code in src/hackney_ws.erl copies the host,… | ||
| CVE-2026-47075 | high | 7.5 | 7.5 | benoitc | 12d ago | Improper Neutralization of CRLF Sequences vulnerability in benoitc hackney allows HTTP Request Splitting. hackney does not percent-encode carriage return (\r) or line feed (\n) characters in the URL … | ||
| CVE-2026-47077 | high | 7.5 | 7.5 | benoitc | 12d ago | Unbounded body accumulation in HTTP/3 response loop in hackney | ||
| CVE-2026-47071 | high | 7.5 | 7.5 | benoitc | 12d ago | SOCKS5 TLS upgrade ignores caller timeout in hackney | ||
| CVE-2026-47066 | high | 7.5 | 7.5 | benoitc | 12d ago | Infinite loop in Alt-Svc header parser in hackney | ||
| CVE-2026-9453 | high | 7.3 | 7.3 | 12d ago | A vulnerability was detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. This affects the function which of the file /src/application/skills-loader.ts of the component Ski… | |||
| CVE-2026-9452 | high | 7.3 | 7.3 | 12d ago | A security vulnerability has been detected in FoundDream miniclawd up to 2d65665046e2222eeea76cafc8570ed546a8c125. Affected by this issue is the function ExecTool.execute of the file /src/tools/exec.… | |||
| CVE-2026-9447 | high | 7.3 | 7.3 | 12d ago | A vulnerability was found in SourceCodester Simple POS and Inventory System 1.0. The impacted element is an unknown function of the file /user/search.php. Performing a manipulation of the argument Na… | |||
| CVE-2026-9443 | high | 8.8 | 8.8 | 12d ago | A security vulnerability has been detected in Edimax BR-6478AC 1.23. This vulnerability affects the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. The… | |||
| CVE-2026-9442 | high | 8.8 | 8.8 | 12d ago | A weakness has been identified in Edimax BR-6478AC 1.23. This affects the function formiNICSiteSurvey of the file /goform/formiNICSiteSurvey of the component POST Request Handler. Executing a manipul… | |||
| CVE-2026-45361 | high | 8.1 | 8.1 | apache | 12d ago | Apache Airflow providers-google's `ComputeEngineSSHHook` disables SSH host-key verification by default, exposing SSH traffic between an Airflow worker and a Compute Engine VM to in-path network attac… | ||
| CVE-2026-9431 | high | 8.8 | 8.8 | 12d ago | A vulnerability was identified in Tenda F1202 1.2.0.20(408). This affects the function fromPptpUserAdd of the file /goform/PptpUserAdd. The manipulation of the argument opttype leads to stack-based b… | |||
| CVE-2026-9430 | high | 8.8 | 8.8 | 12d ago | A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this issue is the function formGstDhcpSetSer of the file /goform/GstDhcpSetSerof. Executing a manipulation of the argument dip… | |||
| CVE-2026-9429 | high | 8.8 | 8.8 | 12d ago | A vulnerability was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno… | |||
| CVE-2026-9428 | high | 8.8 | 8.8 | 12d ago | A vulnerability has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-b… | |||
| CVE-2026-25193 | high | 8.1 | 8.1 | 12d ago | Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Co… | |||
| CVE-2026-9427 | high | 8.8 | 8.8 | 12d ago | A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submi… | |||
| CVE-2026-9426 | high | 8.8 | 8.8 | 12d ago | A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wla… | |||
| CVE-2026-9425 | high | 8.8 | 8.8 | 12d ago | A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the function formWlanMP of the file /goform/formWlanMP. The manipulation of the argument ateFunc/ateGain/… | |||
| CVE-2026-9422 | high | 7.3 | 7.3 | 12d ago | A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. T… | |||
| CVE-2026-9421 | high | 7.3 | 7.3 | 12d ago | A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrest… | |||
| CVE-2026-9403 | high | 8.8 | 8.8 | 12d ago | A vulnerability was determined in Edimax BR-6675nD 1.12. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. This manipul… | |||
| CVE-2026-9401 | high | 8.8 | 8.8 | 12d ago | A vulnerability has been found in Edimax BR-6675nD 1.12. Impacted is the function formWanTcpipSetup of the file /goform/formWanTcpipSetup of the component POST Request Handler. The manipulation of th… | |||
| CVE-2026-9399 | high | 8.8 | 8.8 | 12d ago | A vulnerability was detected in Edimax BR-6675nD 1.12. This vulnerability affects the function formsetPPPoE of the file /goform/formsetPPPoE of the component POST Request Handler. Performing a manipu… | |||
| CVE-2026-9397 | high | 8.1 | 8.1 | 12d ago | A weakness has been identified in Besen BS20 EV Charging Station up to 20260426. Affected by this issue is some unknown functionality of the component OTA Update Installation Handler. This manipulati… | |||
| CVE-2026-9393 | high | 8.8 | 8.8 | 12d ago | A vulnerability was found in H3C Magic B0 up to 100R002. This affects the function Edit_BasicSSID_5G of the file /goform/aspForm. Performing a manipulation of the argument param results in buffer ove… | |||
| CVE-2026-9389 | high | 8.8 | 8.8 | 13d ago | A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function frmL7ImForm of the file /goform/L7Im. The manipulation of the argument page leads to buffer overflow. The a… | |||
| CVE-2026-9383 | high | 7.3 | 7.3 | 13d ago | A vulnerability has been found in itsourcecode Electronic Judging System 1.0. This affects an unknown part of the file /intrams/admin/login.php. The manipulation of the argument Username leads to sql… | |||
| CVE-2026-4372 | high | 7.8 | 7.8 | huggingface | 13d ago | A critical remote code execution vulnerability exists in all versions of the HuggingFace transformers library prior to version 5.3.0. The vulnerability allows an attacker to craft a malicious `config… | ||
| CVE-2026-9382 | high | 8.8 | 8.8 | 13d ago | A flaw has been found in Edimax BR-6675nD 1.12. Affected by this issue is the function formPPTPSetup of the file /goform/formPPTPSetup of the component POST Request Handler. Executing a manipulation … | |||
| CVE-2026-9381 | high | 8.8 | 8.8 | 13d ago | A vulnerability was detected in Edimax BR-6675nD 1.12. Affected by this vulnerability is the function formPPPoESetup of the file /goform/formPPPoESetup of the component POST Request Handler. Performi… | |||
| CVE-2026-9380 | high | 8.8 | 8.8 | 13d ago | A security vulnerability has been detected in Edimax BR-6675nD 1.12. Affected is the function formL2TPSetup of the file /goform/formL2TPSetup of the component POST Request Handler. Such manipulation … | |||
| CVE-2026-9372 | high | 7.3 | 7.3 | 13d ago | A flaw has been found in ItzCrazyKns Vane up to 1.12.1. This vulnerability affects unknown code of the file src/app/api/providers/route.ts of the component Model Provider API. This manipulation of th… | |||
| CVE-2026-9368 | high | 7.3 | 7.3 | 13d ago | A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This impacts the function execute_code of the file tools/code_execution_tool.py of the component Environment Variable Hand… | |||
| CVE-2026-9367 | high | 7.3 | 7.3 | 13d ago | A vulnerability was determined in NousResearch hermes-agent up to 5157f5427f19488b31c6fdebbacd15d798ce7f63. This affects the function detect_dangerous_command of the file tools/approval.py of the com… | |||
| CVE-2026-9364 | high | 7.3 | 7.3 | 13d ago | A flaw has been found in projectworlds Online Art Gallery Shop 1.0. Impacted is an unknown function of the file /admin/adminHome.php. Executing a manipulation of the argument social_linked can lead t… | |||
| CVE-2026-9366 | high | 7.3 | 7.3 | 13d ago | A vulnerability was found in NousResearch hermes-agent 2026.4.23. The impacted element is the function _scan_context_content of the file agent/prompt_builder.py. The manipulation results in injection… | |||
| CVE-2026-9356 | high | 7.3 | 7.3 | 13d ago | A vulnerability has been found in SourceCodester Hospitals Patient Records Management System 1.0. This affects an unknown function of the file /admin/patients/manage_history.php. Such manipulation of… | |||
| CVE-2026-9360 | high | 8.8 | 8.8 | 13d ago | A security flaw has been discovered in Edimax EW-7438RPn 1.28a. Affected by this issue is the function formwlencrypt24g of the file /goform/formwlencrypt24g of the component POST Request Handler. The… | |||
| CVE-2026-9355 | high | 7.3 | 7.3 | 13d ago | A flaw has been found in SourceCodester Hospitals Patient Records Management System 1.0. The impacted element is an unknown function of the file /classes/Master.php?f=save_patient_history. This manip… | |||
| CVE-2026-9353 | high | 7.3 | 7.3 | 13d ago | A security vulnerability has been detected in NousResearch hermes-agent up to 2026.4.23. Impacted is an unknown function of the file agent/skills_guard.py of the component Skills Guard Multi-Word Pro… | |||
| CVE-2026-3515 | high | 8.5 | 8.5 | 13d ago | A vulnerability in the `GitHubRepository` block of the `prefect-github` integration in Prefect version 3.6.18 allows an attacker to inject arbitrary git command-line options via the `reference` field… | |||
| CVE-2026-9350 | high | 7.3 | 7.3 | 13d ago | A vulnerability was identified in NousResearch hermes-agent up to 2026.4.16. This affects the function check_all_command_guards of the file tools/approval.py of the component Batch Runner. Such manip… | |||
| CVE-2026-9348 | high | 8.8 | 8.8 | 13d ago | A vulnerability was found in Edimax EW-7438RPn up to 1.31. Affected by this vulnerability is an unknown functionality of the file /goform/mp of the component webs. The manipulation of the argument we… | |||
| CVE-2026-48829 | high | 7.5 | 7.5 | FIX | debian sles | 13d ago | In GNU SASL before 2.2.3, DIGEST-MD5 has a NULL pointer dereference affecting both clients and servers, via a known token with no accompanying = character. This occurs in lib/digest-md5/getsubopt.c. | |
| CVE-2026-9346 | high | 8.8 | 8.8 | 13d ago | A flaw has been found in Edimax EW-7438RPn up to 1.31. This impacts the function formWirelessTbl of the file /goform/formWirelessTbl of the component webs. Executing a manipulation of the argument su… | |||
| CVE-2026-9345 | high | 8.8 | 8.8 | 13d ago | A vulnerability was detected in Edimax EW-7438RPn up to 1.31. This affects the function formWizSurvey of the file /goform/formWizSurvey of the component webs. Performing a manipulation of the argumen… | |||
| CVE-2026-9344 | high | 8.8 | 8.8 | 13d ago | A security vulnerability has been detected in Edimax EW-7438RPn up to 1.31. The impacted element is an unknown function of the file /goform/formWpsStart of the component webs. Such manipulation of th… | |||
| CVE-2018-25358 | high | 7.5 | 7.5 | 13d ago | D-Link DIR601 2.02NA contains a credential disclosure vulnerability that allows unauthenticated attackers to retrieve sensitive configuration data by manipulating the table_name parameter in POST req… | |||
| CVE-2018-25356 | high | 8.4 | 8.4 | 13d ago | SIPp 3.6 and earlier contains a local buffer overflow vulnerability in command-line argument handling that allows local attackers to crash the application or execute arbitrary code. Attackers can tri… | |||
| CVE-2018-25353 | high | 8.8 | 8.8 | 13d ago | Redaxo CMS Mediapool Addon 5.5.1 and older contains an arbitrary file upload vulnerability that allows authenticated users to bypass file extension blacklist restrictions. Attackers with editor accou… |