|
631
|
8.8 |
HIGH
Network
|
dlink
|
dir-825m_firmware
|
A vulnerability was found in D-Link DIR-825M 1.1.12. This issue affects the function sub_414BA8 of the file /boafrm/formWanConfigSetup. The manipulation of the argument submit-url results in buffer o…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7289
|
2026-04-30 22:19 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
632
|
5.3 |
MEDIUM
Network
|
openclaw
|
openclaw
|
OpenClaw before 2026.3.31 performs Discord audio preflight transcription before validating member authorization, allowing unauthenticated attackers to consume resources. Remote attackers can trigger …
New
|
CWE-408
Incorrect Behavior Order: Early Amplification
|
CVE-2026-41374
|
2026-04-30 22:19 |
2026-04-29 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
633
|
9.4 |
CRITICAL
Network
|
dlink
|
di-8100_firmware
|
A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffe…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7248
|
2026-04-30 22:18 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
634
|
4.3 |
MEDIUM
Network
|
-
|
-
|
VideoFlow Digital Video Protection DVP 2.10 contains an authenticated remote code execution vulnerability that allows authenticated attackers to execute arbitrary system commands by exploiting a cros…
New
|
CWE-352
Origin Validation Error
|
CVE-2018-25310
|
2026-04-30 22:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
635
|
7.2 |
HIGH
Network
|
dlink
|
di-8100_firmware
|
A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation…
New
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7247
|
2026-04-30 22:09 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
636
|
6.6 |
MEDIUM
Network
|
-
|
-
|
OpenStack Ironic before 35.0.1 allows ipmitool execution in a non-default configuration that has a console interface.
New
|
CWE-829
Inclusion of Functionality from Untrusted Control Sphere
|
CVE-2026-42510
|
2026-04-30 13:16 |
2026-04-28 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
637
|
- |
|
-
|
-
|
Rejected reason: This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
New
|
-
|
CVE-2026-6221
|
2026-04-30 08:16 |
2026-04-30 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
638
|
8.8 |
HIGH
Network
|
tenda
|
f456_firmware
|
A vulnerability has been found in Tenda F456 1.0.0.5. Affected by this vulnerability is the function fromSafeClientFilter of the file /goform/SafeClientFilter. Such manipulation of the argument menuf…
Update
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7033
|
2026-04-30 07:33 |
2026-04-26 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
639
|
8.8 |
HIGH
Network
|
tenda
|
f456_firmware
|
A security flaw has been discovered in Tenda F456 1.0.0.5. This affects the function frmL7ProtForm of the file /goform/L7Prot of the component httpd. Performing a manipulation of the argument page re…
Update
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7053
|
2026-04-30 07:29 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
640
|
8.8 |
HIGH
Network
|
tenda
|
f456_firmware
|
A weakness has been identified in Tenda F456 1.0.0.5. This vulnerability affects the function fromPptpUserAdd of the file /goform/PPTPDClient of the component httpd. Executing a manipulation of the a…
Update
|
CWE-119
CWE-120
Incorrect Access of Indexable Resource ('Range Error')
Classic Buffer Overflow
|
CVE-2026-7054
|
2026-04-30 07:28 |
2026-04-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
