Total
13565 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2026-7851 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2026-05-06 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability was identified in D-Link DI-8100 16.07.26A1. This affects the function sprintf of the file yyxz.asp. The manipulation of the argument ID leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used. | |||||
| CVE-2026-7853 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2026-05-06 | 10.0 HIGH | 9.8 CRITICAL |
| A weakness has been identified in D-Link DI-8100 16.07.26A1. Affected is the function sprintf of the file /auto_reboot.asp of the component HTTP Handler. This manipulation of the argument enable/time causes buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-7854 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2026-05-06 | 10.0 HIGH | 9.8 CRITICAL |
| A security vulnerability has been detected in D-Link DI-8100 16.07.26A1. Affected by this vulnerability is the function url_rule_asp of the file /url_rule.asp of the component POST Parameter Handler. Such manipulation leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-7855 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2026-05-06 | 9.0 HIGH | 8.8 HIGH |
| A vulnerability was detected in D-Link DI-8100 16.07.26A1. Affected by this issue is the function tggl_asp of the file /tggl.asp of the component HTTP Request Handler. Performing a manipulation of the argument Name results in buffer overflow. The attack can be initiated remotely. The exploit is now public and may be used. | |||||
| CVE-2026-7856 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2026-05-06 | 8.3 HIGH | 7.2 HIGH |
| A flaw has been found in D-Link DI-8100 16.07.26A1. This affects an unknown part of the file /url_member.asp of the component Web Management Interface. Executing a manipulation of the argument Name can lead to buffer overflow. The attack can be launched remotely. The exploit has been published and may be used. | |||||
| CVE-2026-7857 | 1 Dlink | 2 Di-8100, Di-8100 Firmware | 2026-05-06 | 8.3 HIGH | 7.2 HIGH |
| A vulnerability has been found in D-Link DI-8100 16.07.26A1. This vulnerability affects the function sprintf of the file /user_group.asp of the component CGI Handler. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | |||||
| CVE-2026-7233 | 1 Artifex | 1 Mupdf | 2026-05-05 | 1.7 LOW | 3.3 LOW |
| A vulnerability was determined in Artifex MuPDF up to 1.28.0. The impacted element is the function fz_subset_cff_for_gids of the file subset-cff.c of the component CFF Index Handler. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The project was informed of the problem early through a bug report but has not responded yet. | |||||
| CVE-2026-33851 | 2026-05-05 | N/A | 7.8 HIGH | ||
| Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in joncampbell123 doslib.This issue affects doslib: before doslib-20250729. | |||||
| CVE-2026-7684 | 2026-05-05 | 9.0 HIGH | 8.8 HIGH | ||
| A security vulnerability has been detected in Edimax BR-6428nC up to 1.16. This impacts an unknown function of the file /goform/setWAN. Such manipulation of the argument pptpDfGateway leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-7685 | 2026-05-05 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was detected in Edimax BR-6208AC up to 1.02. Affected is an unknown function of the file /goform/setWAN. Performing a manipulation of the argument pptpDfGateway results in buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-7834 | 2026-05-05 | 10.0 HIGH | 9.8 CRITICAL | ||
| A security vulnerability has been detected in EFM ipTIME NAS1dual 1.5.24. This issue affects the function get_csrf_whites of the file /cgi/advanced/misc_main.cgi. Such manipulation leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-7674 | 2026-05-04 | 9.0 HIGH | 8.8 HIGH | ||
| A flaw has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. This issue affects the function start_single_service of the component Web Management Interface. Executing a manipulation of the argument vpn_pptp_server/vpn_l2tp_server can lead to buffer overflow. The attack can be executed remotely. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-7675 | 2026-05-04 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability has been found in Shenzhen Libituo Technology LBT-T300-HW1 up to 1.2.8. Impacted is the function start_lan of the file /apply.cgi. The manipulation of the argument Channel/ApCliSsid leads to buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | |||||
| CVE-2026-7717 | 2026-05-04 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was determined in Totolink WA300 5.2cu.7112_B20190227. This issue affects the function UploadCustomModule of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument File can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. | |||||
| CVE-2026-7719 | 2026-05-04 | 10.0 HIGH | 9.8 CRITICAL | ||
| A security flaw has been discovered in Totolink WA300 5.2cu.7112_B20190227. The affected element is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument http_host results in buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-7748 | 2026-05-04 | 9.0 HIGH | 8.8 HIGH | ||
| A weakness has been identified in Totolink N300RH 3.2.4-B20220812. Affected by this issue is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. Executing a manipulation of the argument FileName can lead to buffer overflow. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks. | |||||
| CVE-2026-7750 | 2026-05-04 | 9.0 HIGH | 8.8 HIGH | ||
| A vulnerability was detected in Totolink N300RH 3.2.4-B20220812. This vulnerability affects the function setMacFilterRules of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument mac_address results in buffer overflow. The attack may be launched remotely. The exploit is now public and may be used. | |||||
| CVE-2026-7747 | 2026-05-04 | 10.0 HIGH | 9.8 CRITICAL | ||
| A security flaw has been discovered in Totolink N300RH 3.2.4-B20220812. Affected by this vulnerability is the function loginauth of the file /cgi-bin/cstecgi.cgi of the component Parameter Handler. Performing a manipulation of the argument Password results in buffer overflow. The attack can be initiated remotely. The exploit has been released to the public and may be used for attacks. | |||||
| CVE-2026-7749 | 2026-05-04 | 9.0 HIGH | 8.8 HIGH | ||
| A security vulnerability has been detected in Totolink N300RH 3.2.4-B20220812. This affects the function setWanConfig of the file /cgi-bin/cstecgi.cgi of the component POST Request Handler. The manipulation of the argument priDns leads to buffer overflow. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used. | |||||
| CVE-2026-5475 | 1 Nasa | 1 Core Flight System | 2026-05-04 | 5.2 MEDIUM | 5.5 MEDIUM |
| A vulnerability was determined in NASA cFS up to 7.0.0. This impacts the function CFE_SB_TransmitMsg of the file cfe_sb_priv.c of the component CCSDS Header Size Handler. Executing a manipulation can lead to memory corruption. The project was informed of the problem early through an issue report but has not responded yet. | |||||