|
651
|
7.8 |
HIGH
Local
|
-
|
-
|
AVACAST developed by eMPIA Technology, has a DLL Hijacking vulnerability, allowing authenticated local attackers to place a malicious DLL in a specific directory, resulting in arbitrary code executio…
New
|
CWE-427
Uncontrolled Search Path Element
|
CVE-2026-7279
|
2026-04-28 19:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
652
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffe…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7248
|
2026-04-28 18:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
653
|
7.2 |
HIGH
Network
|
-
|
-
|
A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7247
|
2026-04-28 18:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
654
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Th…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7244
|
2026-04-28 18:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
655
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulatio…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7243
|
2026-04-28 18:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
656
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipul…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7242
|
2026-04-28 18:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
657
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability was found in Totolink A8000RU 7.1cu.643_b20200521. This issue affects the function setWiFiBasicCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Performing a manipula…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7241
|
2026-04-28 18:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
658
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability has been found in Totolink A8000RU 7.1cu.643_b20200521. This vulnerability affects the function setVpnAccountCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Such ma…
New
|
CWE-77
CWE-78
Command Injection
OS Command
|
CVE-2026-7240
|
2026-04-28 17:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
659
|
5.3 |
MEDIUM
Network
|
-
|
-
|
A security vulnerability has been detected in ErlichLiu claude-agent-sdk-master up to b185aa7ff0d864581257008077b4010fca1747bf. Affected by this vulnerability is an unknown functionality of the file …
New
|
CWE-22
Path Traversal
|
CVE-2026-7235
|
2026-04-28 17:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
660
|
5.3 |
MEDIUM
Network
|
-
|
-
|
The Booking Package plugin for WordPress is vulnerable to Price Manipulation in versions up to, and including, 1.7.06 This is due to the intentForStripe() function passing user-controlled $_POST['amo…
New
|
CWE-472
External Control of Assumed-Immutable Web Parameter
|
CVE-2026-4911
|
2026-04-28 17:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
