Latest CVE Feed
Vulnerabilities published in the last 30 days. Filter by severity, exploit status, or attack vector.
A vulnerability in MLflow versions <=3.10.1.dev0 allows unauthorized access to multipart upload (MPU) endpoints when the `--serve-artifacts` mode is enabled. The authorization logic does not enforce …
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setWiFiAdvancedCfg of the file /cgi-bin/cstecgi.cgi of the component Web Managemen…
Spring AI's support for Anthropic's Skills API used LLM-influenced filenames unsanitized in Path.resolve before writing files to disk. This could allow a malicious user to write files outside the int…
A vulnerability was identified in Tenda F1202 1.2.0.20(408). This affects the function fromPptpUserAdd of the file /goform/PptpUserAdd. The manipulation of the argument opttype leads to stack-based b…
A vulnerability was determined in Tenda F1202 1.2.0.20(408). Affected by this issue is the function formGstDhcpSetSer of the file /goform/GstDhcpSetSerof. Executing a manipulation of the argument dip…
Insertion of Sensitive Information into Log File (CWE-532) in some Command Centre Service installers could lead to Service Account credentials exposure. Mitigating Factor: Only sites that install Co…
A vulnerability was found in Tenda F1202 1.2.0.20(408). Affected by this vulnerability is the function formWrlExtraSet of the file /goform/WrlExtraSet. Performing a manipulation of the argument delno…
A vulnerability has been found in Tenda F1202 1.2.0.20(408). Affected is the function fromPPTPUserSetting of the file /goform/PPTPUserSetting. Such manipulation of the argument delno leads to stack-b…
A flaw has been found in Edimax EW-7438RPn 1.31. This impacts the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component webs. This manipulation of the argument selSSID/submi…
A vulnerability was detected in Edimax EW-7438RPn 1.31. This affects the function formHwSet of the file /goform/formHwSet. The manipulation of the argument Anntena/Mcs/regDomain/nic0Addr/nic1Addr/wla…
A security vulnerability has been detected in Edimax EW-7438RPn 1.31. The impacted element is the function formWlanMP of the file /goform/formWlanMP. The manipulation of the argument ateFunc/ateGain/…
A weakness has been identified in Edimax EW-7438RPn 1.31. The affected element is the function formWlanMP of the file /goform/formWlanMP of the component Content-Type Handler. Executing a manipulatio…
A security flaw has been discovered in Edimax BR-6675nD 1.12. Impacted is the function mp of the file /goform/mp of the component POST Request Handler. Performing a manipulation of the argument comma…
A vulnerability was identified in KLiK SocialMediaWebsite 1.0. This issue affects some unknown processing of the component HTTP POST Request Parameter Handler. Such manipulation leads to injection. T…
A vulnerability was determined in KLiK SocialMediaWebsite 1.0. This vulnerability affects the function uniqid of the file upload.inc.php of the component File Handler. This manipulation causes unrest…
A vulnerability was found in KLiK SocialMediaWebsite 1.0. This affects an unknown part of the component HTTP GET Request Parameter Handler. The manipulation results in injection. It is possible to la…
A vulnerability has been found in code-projects Employee Management System 1.0. Affected by this issue is some unknown functionality of the file /empproject.php. The manipulation of the argument ID l…
A flaw has been found in code-projects Employee Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /changepassemp.php. Executing a manipulation of the argum…
An OS Command Injection vulnerability exists in Aterm. If a malicious third person gains administrator access to the product’s web console, they may be able to execute arbitrary OS commands via adjac…
A cross-site scripting vulnerability exists in Aterm. Arbitrary scripts may be executed in the web browser of a user accessing the web management interface via adjacent network.