31,467 indexed
CVECVE vulnerabilities
31,467 CVEs indexed — newest first. Filter by CVSS severity or CISA KEV listing; KEV-flagged entries surface a rose pill. Authored by Adam Lundqvist.
Showing 801–850 of 31,467 · page 17 of 630
| ID | Title | Summary |
|---|---|---|
| CVE-2026-7123 | CVE-2026-7123 CVSS 9.8 | A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. Affected is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Ha… |
| CVE-2026-7122 | CVE-2026-7122 CVSS 9.8 | A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This impacts the function setUPnPCfg of the file /cgi-bin/cstecgi.cgi of the component … |
| CVE-2026-7121 | CVE-2026-7121 CVSS 9.8 | A flaw has been found in Totolink A8000RU 7.1cu.643_b20200521. This affects the function setWizardCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Han… |
| CVE-2026-7119 | CVE-2026-7119 CVSS 8.8 | A vulnerability was detected in Tenda HG3 2.0. The impacted element is an unknown function of the file /boaform/formCountrystr. The manipulation of the argumen… |
| CVE-2026-7111 | CVE-2026-7111 CVSS 8.4 | Text::CSV_XS versions before 1.62 for Perl have a use-after-free when registered callbacks extend the Perl argument stack, which may enable type confusion or m… |
| CVE-2026-7106 | CVE-2026-7106 CVSS 8.8 | The Highland Software Custom Role Manager plugin for WordPress is vulnerable to Privilege Escalation in versions up to and including 1.0.0. This is due to insu… |
| CVE-2026-7102 | CVE-2026-7102 CVSS 8.8 | A vulnerability was found in Tenda F456 1.0.0.5. This impacts the function FromWriteFacMac of the file /goform/WriteFacMac of the component httpd. The manipula… |
| CVE-2026-7101 | CVE-2026-7101 CVSS 8.8 | A vulnerability has been found in Tenda F456 1.0.0.5. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. The m… |
| CVE-2026-7100 | CVE-2026-7100 CVSS 8.8 | A flaw has been found in Tenda F456 1.0.0.5. The impacted element is the function fromNatlimitof of the file /goform/Natlimit of the component httpd. Executing… |
| CVE-2026-7099 | CVE-2026-7099 CVSS 8.8 | A vulnerability was detected in Tenda F456 1.0.0.5. The affected element is the function formQuickIndex of the file /goform/QuickIndex of the component httpd. … |
| CVE-2026-7098 | CVE-2026-7098 CVSS 8.8 | A security vulnerability has been detected in Tenda F456 1.0.0.5. Impacted is the function fromDhcpListClient of the file /goform/DhcpListClient of the compone… |
| CVE-2026-7097 | CVE-2026-7097 CVSS 8.8 | A weakness has been identified in Tenda F456 1.0.0.5. This issue affects the function fromwebExcptypemanFilter of the file /goform/webExcptypemanFilter of the … |
| CVE-2026-7096 | CVE-2026-7096 CVSS 8.8 | A security flaw has been discovered in Tenda HG3 2.0 300003070. This vulnerability affects the function formgponConf of the file /boaform/admin/formgponConf. T… |
| CVE-2026-7082 | CVE-2026-7082 CVSS 8.8 | A flaw has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet of the component ht… |
| CVE-2026-7081 | CVE-2026-7081 CVSS 8.8 | A vulnerability was detected in Tenda F456 1.0.0.5. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer of the component httpd. Perfor… |
| CVE-2026-7080 | CVE-2026-7080 CVSS 8.8 | A security vulnerability has been detected in Tenda F456 1.0.0.5. This impacts the function fromPPTPUserSetting of the file /goform/PPTPUserSetting of the comp… |
| CVE-2026-7079 | CVE-2026-7079 CVSS 8.8 | A weakness has been identified in Tenda F456 1.0.0.5. This affects the function fromAdvSetWan of the file /goform/AdvSetWan of the component httpd. This manipu… |
| CVE-2026-7078 | CVE-2026-7078 CVSS 8.8 | A security flaw has been discovered in Tenda F456 1.0.0.5. The impacted element is the function fromSetIpBind of the file /goform/SetIpBind of the component ht… |
| CVE-2026-7069 | CVE-2026-7069 CVSS 8.0 | A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd… |
| CVE-2026-7068 | CVE-2026-7068 CVSS 8.8 | A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBD_process of the file sserver.c of the component nmbd. Such manipulation… |
| CVE-2026-7057 | CVE-2026-7057 CVSS 8.8 | A flaw has been found in Tenda F456 1.0.0.5. The affected element is an unknown function of the file /goform/setcfm of the component httpd. This manipulation o… |
| CVE-2026-7056 | CVE-2026-7056 CVSS 8.8 | A vulnerability was detected in Tenda F456 1.0.0.5. Impacted is the function fromSafeUrlFilter of the file /goform/SafeUrlFilter of the component httpd. The ma… |
| CVE-2026-7055 | CVE-2026-7055 CVSS 8.8 | A security vulnerability has been detected in Tenda F456 1.0.0.5. This issue affects the function fromVirtualSer of the file /goform/VirtualSer of the componen… |
| CVE-2026-7054 | CVE-2026-7054 CVSS 8.8 | A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component … |
| CVE-2026-7053 | CVE-2026-7053 CVSS 8.8 | A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performin… |
| CVE-2026-7047 | CVE-2026-7047 CVSS 4.3 | The Frontend User Notes plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.1. This is due to missing or… |
| CVE-2026-7037 | CVE-2026-7037 CVSS 9.8 | A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setVpnPassCfg of the file /cgi-bin/cstecgi.cgi of … |
| CVE-2026-7036 | CVE-2026-7036 CVSS 9.8 | A vulnerability was identified in Tenda i9 1.0.0.5(2204). This vulnerability affects the function R7WebsSecurityHandlerfunction of the component HTTP Handler. … |
| CVE-2026-7035 | CVE-2026-7035 CVSS 8.8 | A vulnerability was determined in Tenda FH1202 1.2.0.14. This affects the function fromWrlclientSet of the file /goform/WrlclientSet of the component httpd. Ex… |
| CVE-2026-7034 | CVE-2026-7034 CVSS 8.8 | A vulnerability was found in Tenda FH1202 1.2.0.14(408). Affected by this issue is the function WrlExtraSet of the file /goform/WrlExtraSet of the component ht… |
| CVE-2026-7033 | CVE-2026-7033 CVSS 8.8 | A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter.… |
| CVE-2026-7032 | CVE-2026-7032 CVSS 8.8 | A flaw has been found in Tenda F456 1.0.0.5. Affected is the function SafeEmailFilter of the file /goform/SafeEmailFilter. This manipulation of the argument pa… |
| CVE-2026-7031 | CVE-2026-7031 CVSS 8.8 | A vulnerability was detected in Tenda F456 1.0.0.5. This impacts the function fromSafeMacFilter of the file /goform/SafeMacFilter. The manipulation of the argu… |
| CVE-2026-7030 | CVE-2026-7030 CVSS 8.8 | A security vulnerability has been detected in Tenda F456 1.0.0.5. This affects the function fromRouteStatic of the file /goform/RouteStatic. The manipulation o… |
| CVE-2026-7029 | CVE-2026-7029 CVSS 8.8 | A weakness has been identified in Tenda F456 1.0.0.5. The impacted element is the function fromaddressNat of the file /goform/addressNat. Executing a manipulat… |
| CVE-2026-7023 | CVE-2026-7023 CVSS 8.8 | A vulnerability was detected in ByteDance coze-studio up to 0.5.1. Affected by this vulnerability is the function ExecuteSQL of the file backend/domain/memory/… |
| CVE-2026-7019 | CVE-2026-7019 CVSS 8.8 | A vulnerability was identified in Tenda F456 1.0.0.5. The impacted element is the function fromP2pListFilter of the file /goform/P2pListFilter. The manipulatio… |
| CVE-2026-6989 | CVE-2026-6989 CVSS 8.8 | A vulnerability has been found in Tenda F453 up to 1.0.0.3. Impacted is the function TendaTelnet of the file /goform/telnet of the component Telnet Service. Su… |
| CVE-2026-6988 | CVE-2026-6988 CVSS 8.8 | A flaw has been found in Tenda HG10 HG7_HG9_HG10re_300001138_en_xpon. This issue affects the function formRoute of the file /boaform/formRouting of the compone… |
| CVE-2026-6987 | CVE-2026-6987 CVSS 9.8 | A vulnerability was detected in PicoClaw up to 0.2.4. Impacted is an unknown function of the file /api/gateway/restart of the component Web Launcher Management… |
| CVE-2026-6976 | CVE-2026-6976 CVSS 3.7gitlab | GitLab has remediated an issue in GitLab CE/EE affecting all versions from 15.9 before 18.10.8, 18.11 before 18.11.5, and 19.0 before 19.0.2 that under certain… |
| CVE-2026-6973 | Ivanti Endpoint Manager Mobile (EPMM) Improper Input Validation Vulnerability KEVCVSS 7.2Ivanti | Ivanti Endpoint Manager Mobile (EPMM) contains an improper input validation vulnerability that allows a remotely authenticated user with administrative access … |
| CVE-2026-6964 | CVE-2026-6964 CVSS 5.3 | The Video Conferencing with Zoom plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.6.7. This is due to the plu… |
| CVE-2026-6963 | CVE-2026-6963 CVSS 8.8 | The WP Mail Gateway plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the wmg_save_provider_config AJAX action in … |
| CVE-2026-6961 | CVE-2026-6961 CVSS 7.6mattermost | Mattermost versions 11.6.x <= 11.6.1, 11.5.x <= 11.5.4, 10.11.x <= 10.11.15, 10.11.x <= 10.11.16 Mattermost fails to sanitize FileInfo.Name received from feder… |
| CVE-2026-6960 | CVE-2026-6960 CVSS 9.8 | The BookingPress Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'bookingpress_validate_submitted_b… |
| CVE-2026-6957 | CVE-2026-6957 CVSS 8.0mattermost | Mattermost Plugins versions <=1.1.5 fail to sanitize filenames received from federated peers before using them to construct export destination paths, which all… |
| CVE-2026-6951 | CVE-2026-6951 CVSS 9.8 | Versions of the package simple-git before 3.36.0 are vulnerable to Remote Code Execution (RCE) due to an incomplete fix for [CVE-2022-25912](https://security.s… |
| CVE-2026-6942 | CVE-2026-6942 CVSS 9.8radare | radare2-mcp version 1.6.0 and earlier contains an os command injection vulnerability that allows remote attackers to execute arbitrary commands by bypassing th… |
| CVE-2026-6933 | CVE-2026-6933 CVSS 8.8 | The Premmerce Dev Tools plugin for WordPress is vulnerable to Remote Code Execution via missing authorization in versions up to and including 2.0. This is due … |