Total CVEs

142,027

Critical Severity

3,943

High Severity

14,108

Last 7 Days

1,722
Quick preset (or use dates below)
Clear Filters
Showing 11,141 - 11,160 of 14,108 CVEs
CVE-2026-2906 HIGH - 8.8

A security flaw has been discovered in Tenda HG9 300001138. Affected is an unknown function of the file /boaform/formSamba of the component Samba Configuration Endpoint. The manipulation of the argument sambaCap results in stack-based buffer overflow. The attack may be launched remotely. The exploit...

Vendor: tenda
Product: hg9_firmware
Published: Feb 22, 2026
Source: NVD
CVE-2026-2905 HIGH - 8.8

A vulnerability was identified in Tenda HG9 300001138. This impacts an unknown function of the file /boaform/formWlanSetup of the component Wireless Configuration Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit i...

Vendor: tenda
Product: hg9_firmware
Published: Feb 22, 2026
Source: NVD
CVE-2026-2904 HIGH - 8.8

A vulnerability was determined in UTT HiPER 810G 1.7.7-171114. This affects the function strcpy of the file /goform/ConfigExceptAli. Executing a manipulation can lead to buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized.

Vendor: utt
Product: 810g_firmware
Published: Feb 22, 2026
Source: NVD
CVE-2026-2896 HIGH - 7.3

A weakness has been identified in funadmin up to 7.1.0-rc4. This affects the function setConfig of the file app/backend/controller/Ajax.php of the component Configuration Handler. Executing a manipulation can lead to improper authorization. The attack can be executed remotely. The exploit has been m...

Vendor: funadmin
Product: funadmin
Published: Feb 22, 2026
Source: NVD
CVE-2026-2886 HIGH - 8.8

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function set_device_name of the file /goform/SetOnlineDevName. This manipulation of the argument devName causes stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to th...

Vendor: tenda
Product: a21_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2885 HIGH - 8.8

A security flaw has been discovered in D-Link DWR-M960 1.01.07. The impacted element is the function sub_469104 of the file /boafrm/formIpv6Setup. The manipulation of the argument submit-url results in stack-based buffer overflow. The attack may be performed from remote. The exploit has been release...

Vendor: dlink
Product: dwr-m960_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2884 HIGH - 8.8

A vulnerability was identified in D-Link DWR-M960 1.01.07. The affected element is the function sub_41914C of the file /boafrm/formWanConfigSetup of the component WAN Interface Setting Handler. The manipulation of the argument submit-url leads to stack-based buffer overflow. The attack is possible t...

Vendor: dlink
Product: dwr-m960_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2883 HIGH - 8.8

A vulnerability was determined in D-Link DWR-M960 1.01.07. Impacted is the function sub_427D74 of the file /boafrm/formIpQoS. Executing a manipulation of the argument submit-url can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicly disclosed and ...

Vendor: dlink
Product: dwr-m960_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2882 HIGH - 8.8

A vulnerability was found in D-Link DWR-M960 1.01.07. This issue affects the function sub_46385C of the file /boafrm/formDosCfg. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made publi...

Vendor: dlink
Product: dwr-m960_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2881 HIGH - 8.8

A vulnerability has been found in D-Link DWR-M960 1.01.07. This vulnerability affects the function sub_425FF8 of the file /boafrm/formFirewallAdv of the component Advanced Firewall Configuration Endpoint. Such manipulation of the argument submit-url leads to stack-based buffer overflow. The attack m...

Vendor: dlink
Product: dwr-m960_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2877 HIGH - 8.8

A vulnerability has been found in Tenda A18 15.13.07.13. This affects the function strcpy of the file /goform/WifiExtraSet of the component Httpd Service. The manipulation of the argument wpapsk_crypto5g leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploi...

Vendor: tenda
Product: a18_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2876 HIGH - 8.8

A vulnerability was determined in Tenda A18 15.13.07.13. This affects the function parse_macfilter_rule of the file /goform/setBlackRule. This manipulation of the argument deviceList causes stack-based buffer overflow. The attack may be initiated remotely. The exploit has been publicly disclosed and...

Vendor: tenda
Product: a18_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2874 HIGH - 8.8

A flaw has been found in Tenda A21 1.0.0.0. Impacted is the function form_fast_setting_wifi_set of the file /goform/fast_setting_wifi_set. Executing a manipulation of the argument ssid can lead to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been publish...

Vendor: tenda
Product: a21_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2873 HIGH - 8.8

A vulnerability was detected in Tenda A21 1.0.0.0. This issue affects the function setSchedWifi of the file /goform/openSchedWifi. Performing a manipulation of the argument schedStartTime/schedEndTime results in stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit...

Vendor: tenda
Product: a21_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2872 HIGH - 8.8

A security vulnerability has been detected in Tenda A21 1.0.0.0. This vulnerability affects the function set_device_name of the file /goform/setBlackRule of the component MAC Filtering Configuration Endpoint. Such manipulation of the argument devName/mac leads to stack-based buffer overflow. The att...

Vendor: tenda
Product: a21_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2871 HIGH - 8.8

A weakness has been identified in Tenda A21 1.0.0.0. This affects the function fromSetIpMacBind of the file /goform/SetIpMacBind. This manipulation of the argument list causes stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been made available to the p...

Vendor: tenda
Product: a21_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2870 HIGH - 8.8

A security flaw has been discovered in Tenda A21 1.0.0.0. Affected by this issue is the function set_qosMib_list of the file /goform/formSetQosBand. The manipulation of the argument list results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the...

Vendor: tenda
Product: a21_firmware
Published: Feb 21, 2026
Source: NVD
CVE-2026-2867 HIGH - 7.3

A vulnerability was determined in itsourcecode Vehicle Management System 1.0. Affected is an unknown function of the file /billaction.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be launched remotely. The exploit has been publicly disclosed and may be ut...

Vendor: admerc
Product: vehicle_management_system
Published: Feb 21, 2026
Source: NVD
CVE-2026-27579 HIGH - 7.4

CollabPlatform is a full-stack, real-time doc collaboration platform. In all versions of CollabPlatform, the Appwrite project used by the application is misconfigured to allow arbitrary origins in CORS responses while also permitting credentialed requests. An attacker-controlled domain can issue aut...

Vendor: karnop
Product: realtime-collaboration-platform
Published: Feb 21, 2026
Source: NVD
CVE-2026-27479 HIGH - 7.7

Wallos is an open-source, self-hostable personal subscription tracker. Versions 4.6.0 and below contain a Server-Side Request Forgery (SSRF) vulnerability in the subscription and payment logo/icon upload functionality. The application validates the IP address of the provided URL before making the re...

Vendor: ellite
Product: Wallos
Published: Feb 21, 2026
Source: NVD