|
3101
|
8.8 |
HIGH
Adjacent
|
dlink
|
dir-600l_firmware
|
D-Link DIR-600L Hardware Revision B1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-42374
|
2026-05-6 21:18 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3102
|
8.8 |
HIGH
Adjacent
|
dlink
|
dir-600l_firmware
|
D-Link DIR-600L Hardware Revision A1 (End-of-Life) contains a hardcoded telnet backdoor. The device starts a telnet daemon at boot via /bin/telnetd.sh with the username "Alphanetworks" and the static…
|
CWE-798
Use of Hard-coded Credentials
|
CVE-2026-42375
|
2026-05-6 21:17 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3103
|
2.7 |
LOW
Network
|
-
|
-
|
HCL BigFix RunBookAI is affected by a Continued availability of Less-Secure “Input Text” Vulnerability . A component contains a security weakness in its input handling implementation, increasing the …
|
CWE-522
Insufficiently Protected Credentials
|
CVE-2025-62345
|
2026-05-6 21:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3104
|
8.8 |
HIGH
Network
|
-
|
-
|
HCL BigFix RunBookAI is affected by a Unvalidated Command Input / Potential Command Smuggling vulnerability. A flaw in a component's input handling was identified that could permit unauthorized comma…
|
CWE-77
CWE-351
CWE-451
Command Injection
Insufficient Type Distinction
User Interface (UI) Misrepresentation of Critical Information
|
CVE-2025-31951
|
2026-05-6 21:16 |
2026-05-6 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3105
|
4.3 |
MEDIUM
Network
|
-
|
-
|
A vulnerability was found in Open5GS up to 2.7.7. Impacted is the function udr_nudr_dr_handle_subscription_context of the file /src/udr/nudr-handler.c of the component UDR. The manipulation of the ar…
|
CWE-404
Improper Resource Shutdown or Release
|
CVE-2026-7707
|
2026-05-6 06:16 |
2026-05-4 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3106
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Buffer overflow vulnerability in cannelloni v2.0.0 in CAN frame parsing in parser.cpp in function parseCANFrame, and decoder.cpp in function decodeFrame allowing remote attackers to cause a denial of…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-37539
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3107
|
7.5 |
HIGH
Network
|
-
|
-
|
An issue was discovered in Open-SAE-J1939 thru commit b6caf884df46435e539b1ecbf92b6c29b345bdfe (2025-11-30) in SAE_J1939_Read_Binary_Data_Transfer_DM16 causing a denial of service via crafted CAN fra…
|
CWE-400
Uncontrolled Resource Consumption
|
CVE-2026-42467
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3108
|
7.5 |
HIGH
Network
|
-
|
-
|
AGL agl-service-can-low-level contains a stack buffer overflow in the uds-c library. The send_diagnostic_request function in uds.c allocates a 6-byte stack buffer (MAX_DIAGNOSTIC_PAYLOAD_SIZE=6) but …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-42485
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3109
|
8.4 |
HIGH
Local
|
-
|
-
|
flipperzero-firmware commit ad2a80 was discovered to contain a stack overflow in the "Main" function.
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-30363
|
2026-05-6 05:24 |
2026-05-2 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3110
|
6.1 |
MEDIUM
Network
|
-
|
-
|
wCMS v.1.4 is vulnerable to Cross Site Scripting (XSS) when creating a new blog.
|
CWE-79
Cross-site Scripting
|
CVE-2026-38669
|
2026-05-6 05:24 |
2026-05-5 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
