Export limit exceeded: 19670 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.
Search
Search Results (19670 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-24822 | 1 Ttttupup | 1 Wxhelper | 2026-01-27 | N/A |
| Out-of-bounds Write, Heap-based Buffer Overflow vulnerability in ttttupup wxhelper (src modules). This vulnerability is associated with program files mongoose.C. This issue affects wxhelper: through 3.9.10.19-v1. | ||||
| CVE-2026-24823 | 1 Fastshift | 1 X-track | 2026-01-27 | N/A |
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in FASTSHIFT X-TRACK (Software/X-Track/USER/App/Utils/lv_img_png/PNGdec/src modules). This vulnerability is associated with program files inflate.C. This issue affects X-TRACK: through v2.7. | ||||
| CVE-2026-24799 | 1 Davisking | 1 Dlib | 2026-01-27 | N/A |
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in davisking dlib (dlib/external/zlib modules). This vulnerability is associated with program files inflate.C. This issue affects dlib: before v19.24.9. | ||||
| CVE-2026-24827 | 1 Gerstrong | 1 Commander-genius | 2026-01-27 | 7.5 High |
| Out-of-bounds Write vulnerability in gerstrong Commander-Genius.This issue affects Commander-Genius: before Release refs/pull/358/merge. | ||||
| CVE-2026-24800 | 1 Tildearrow | 1 Furnace | 2026-01-27 | N/A |
| Out-of-bounds Write, Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability in tildearrow furnace (extern/zlib modules). This vulnerability is associated with program files inflate.C. | ||||
| CVE-2025-56101 | 1 Ruijie | 5 M18-ew, M18-ew Firmware, M18 Ew and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56089 | 1 Ruijie | 5 M18-ew, M18-ew Firmware, M18 Ew and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie M18 EW_3.0(1)B11P226_M18_10223116 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||
| CVE-2025-56098 | 1 Ruijie | 5 Rg-ew300 Pro, Rg-ew300 Pro Firmware, X30-pro and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56093 | 1 Ruijie | 7 Rg-eap602, Rg-eap602 Firmware, Rg-ew300 Pro and 4 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the setWisp in file /usr/lib/lua/luci/modules/wireless.lua. | ||||
| CVE-2025-56094 | 1 Ruijie | 5 Rg-ew300 Pro, Rg-ew300 Pro Firmware, X30-pro and 2 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/host_access_delay.lua. | ||||
| CVE-2025-56095 | 1 Ruijie | 4 Rg-eap602, Rg-eap602 Firmware, Rg-ew1200g Pro and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_sta/nbr_cwmp.lua. | ||||
| CVE-2025-56090 | 1 Ruijie | 4 Rg-ew1200g Pro, Rg-ew1200g Pro Firmware, Rg-ew1200r and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56123 | 1 Ruijie | 4 Rg-ew1200g Pro, Rg-ew1200g Pro Firmware, Rg-ew1300g and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1200G PRO RG-EW1200G PRO V1.00/V2.00/V3.00/V4.00 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56091 | 1 Ruijie | 4 Rg-ew1800gx, Rg-ew1800gx Firmware, Rg-ew300r and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56097 | 1 Ruijie | 4 Rg-ew1800gx Pro, Rg-ew1800gx Pro Firmware, Rg-ew300n and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX PRO B11P226_EW1800GX-PRO_10223117 allowing attackers to execute arbitrary commands via a crafted POST request to the module_set in file /usr/local/lua/dev_config/config_retain.lua. | ||||
| CVE-2025-56102 | 1 Ruijie | 4 Rg-ew1800gx, Rg-ew1800gx Firmware, Rg-ew300r and 1 more | 2026-01-27 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-EW1800GX B11P226_EW1800GX_10223121 allowing attackers to execute arbitrary commands via a crafted POST request to the module_get in file /usr/local/lua/dev_sta/networkConnect.lua. | ||||
| CVE-2025-56108 | 1 Ruijie | 11 Rg-eap602, Rg-eap602 Firmware, Rg-est310 and 8 more | 2026-01-26 | 8.8 High |
| OS Command Injection vulnerability in Ruijie X30-PRO X30-PRO-V1_09241521 allowing attackers to execute arbitrary commands via a crafted POST request to the pwdmodify in file /usr/lib/lua/luci/modules/common.lua. | ||||
| CVE-2025-56088 | 1 Ruijie | 2 Rg-bcr860, Rg-bcr860 Firmware | 2026-01-26 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_service in file /usr/lib/lua/luci/controller/admin/service.lua. | ||||
| CVE-2025-56109 | 1 Ruijie | 2 Rg-bcr860, Rg-bcr860 Firmware | 2026-01-26 | 8.8 High |
| OS Command Injection vulnerability in Ruijie RG-BCR RG-BCR860 allowing attackers to execute arbitrary commands via a crafted POST request to the action_wireless in file /usr/lib/lua/luci/control/admin/wireless.lua. | ||||
| CVE-2024-31976 | 2 Engenius, Engeniustech | 3 Ews356 Fit Firmware, Ews356-fir, Ews356-fir Firmware | 2026-01-26 | 8 High |
| EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS commands via the Controller connectivity parameter. | ||||