Search Results (367118 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-70218 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component.
CVE-2025-70220 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4.
CVE-2025-70223 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork.
CVE-2025-70226 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard.
CVE-2025-70219 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot.
CVE-2025-70221 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin.
CVE-2025-70225 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curtime parameter to the goform/formEasySetupWWConfig component
CVE-2025-70222 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin,goform/getAuthCode.
CVE-2025-70229 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSchedule.
CVE-2025-70230 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetDDNS.
CVE-2025-70231 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
D-Link DIR-513 version 1.10 contains a critical-level vulnerability. When processing POST requests related to verification codes in /goform/formLogin, it enters /goform/getAuthCode but fails to filter the value of the FILECODE parameter, resulting in a path traversal vulnerability.
CVE-2025-70232 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetMACFilter.
CVE-2025-70233 1 Dlink 2 Dir-513, Dir-513 Firmware 2026-03-06 9.8 Critical
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetEnableWizard.
CVE-2026-28484 1 Openclaw 1 Openclaw 2026-03-06 N/A
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.
CVE-2026-27123 2026-03-06 N/A
Reason: This candidate was issued in error.
CVE-2025-12107 1 Wso2 2 Identity Server, Wso2 Identity Server 2026-03-06 8.4 High
Due to the use of a vulnerable third-party Velocity template engine, a malicious actor with admin privilege may inject and execute arbitrary template syntax within server-side templates. Successful exploitation of this vulnerability could allow a malicious actor with admin privilege to inject and execute arbitrary template code on the server, potentially leading to remote code execution, data manipulation, or unauthorized access to sensitive information.
CVE-2025-36018 2 Ibm, Linux 2 Concert, Linux Kernel 2026-03-06 6.5 Medium
IBM Concert 1.0.0 through 2.1.0 for Z hub componentĀ is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.
CVE-2025-33089 1 Ibm 1 Concert 2026-03-06 6.5 Medium
IBM Concert 1.0.0 through 2.1.0 could allow a remote attacker to obtain sensitive information or perform unauthorized actions due to the use of hard coded user credentials.
CVE-2025-66490 1 Traefik 1 Traefik 2026-03-06 6.5 Medium
Traefik is an HTTP reverse proxy and load balancer. For versions prior to 2.11.32 and 2.11.31 through 3.6.2, requests using PathPrefix, Path or PathRegex matchers can bypass path normalization. When Traefik uses path-based routing, requests containing URL-encoded restricted characters (/, \, Null, ;, ?, #) can bypass the middleware chain and reach unintended backends. For example, a request to http://mydomain.example.com/admin%2F could reach service-a without triggering my-security-middleware, bypassing security controls for the /admin/ path. This issue is fixed in versions 2.11.32 and 3.6.3.
CVE-2020-9321 1 Traefik 2 Traefik, Traefik Enterprise 2026-03-06 7.5 High
configurationwatcher.go in Traefik 2.x before 2.1.4 and TraefikEE 2.0.0 mishandles the purging of certificate contents from providers before logging.