Search Results (5446 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2025-21605 4 Debian, Lfprojects, Redhat and 1 more 9 Debian Linux, Valkey, Discovery and 6 more 2026-02-10 7.5 High
Redis is an open source, in-memory database that persists on disk. In versions starting at 2.6 and prior to 7.4.3, An unauthenticated client can cause unlimited growth of output buffers, until the server runs out of memory or is killed. By default, the Redis configuration does not limit the output buffer of normal clients (see client-output-buffer-limit). Therefore, the output buffer can grow unlimitedly over time. As a result, the service is exhausted and the memory is unavailable. When password authentication is enabled on the Redis server, but no password is provided, the client can still cause the output buffer to grow from "NOAUTH" responses until the system will run out of memory. This issue has been patched in version 7.4.3. An additional workaround to mitigate this problem without patching the redis-server executable is to block access to prevent unauthenticated users from connecting to Redis. This can be done in different ways. Either using network access control tools like firewalls, iptables, security groups, etc, or enabling TLS and requiring users to authenticate using client side certificates.
CVE-2026-1596 2 D-link, Dlink 3 Dwr-m961, Dwr-m961, Dwr-m961 Firmware 2026-02-10 6.3 Medium
A flaw has been found in D-Link DWR-M961 1.1.47. This vulnerability affects the function sub_419920 of the file /boafrm/formLtefotaUpgradeQuectel. This manipulation of the argument fota_url causes command injection. The attack is possible to be carried out remotely. The exploit has been published and may be used.
CVE-2026-25598 1 Step Security 1 Harden Runner 2026-02-10 4.3 Medium
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. Prior to 2.14.2, a security vulnerability has been identified in the Harden-Runner GitHub Action (Community Tier) that allows outbound network connections to evade audit logging. Specifically, outbound traffic using the sendto, sendmsg, and sendmmsg socket system calls can bypass detection and logging when using egress-policy: audit. This vulnerability is fixed in 2.14.2.
CVE-2026-25761 1 Super-linter 1 Super-linter 2026-02-10 8.8 High
Super-linter is a combination of multiple linters to run as a GitHub Action or standalone. From 6.0.0 to 8.3.0, the Super-linter GitHub Action is vulnerable to command injection via crafted filenames. When this action is used in downstream GitHub Actions workflows, an attacker can submit a pull request that introduces a file whose name contains shell command substitution syntax, such as $(...). In affected Super-linter versions, runtime scripts may execute the embedded command during file discovery processing, enabling arbitrary command execution in the workflow runner context. This can be used to disclose the job’s GITHUB_TOKEN depending on how the workflow configures permissions. This vulnerability is fixed in 8.3.1.
CVE-2025-15317 1 Tanium 1 Server 2026-02-10 6.5 Medium
Tanium addressed an uncontrolled resource consumption vulnerability in Tanium Server.
CVE-2026-2084 2 D-link, Dlink 3 Dir-823x, Dir-823x, Dir-823x Firmware 2026-02-10 7.2 High
A weakness has been identified in D-Link DIR-823X 250416. This impacts an unknown function of the file /goform/set_language. Executing a manipulation of the argument langSelection can lead to os command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-2082 2 D-link, Dlink 3 Dir-823x, Dir-823x, Dir-823x Firmware 2026-02-10 4.7 Medium
A vulnerability was identified in D-Link DIR-823X 250416. The impacted element is an unknown function of the file /goform/set_mac_clone. Such manipulation of the argument mac leads to os command injection. The attack may be performed from remote. The exploit is publicly available and might be used.
CVE-2026-2081 2 D-link, Dlink 3 Dir-823x, Dir-823x, Dir-823x Firmware 2026-02-10 4.7 Medium
A vulnerability was determined in D-Link DIR-823X 250416. The affected element is an unknown function of the file /goform/set_password. This manipulation of the argument http_passwd causes os command injection. The attack is possible to be carried out remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-1687 1 Tenda 2 Hg10, Hg10 Firmware 2026-02-10 7.3 High
A weakness has been identified in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. Impacted is an unknown function of the file /boaform/formSamba of the component Boa Webserver. Executing a manipulation of the argument serverString can lead to command injection. It is possible to launch the attack remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-1601 1 Totolink 2 A7000r, A7000r Firmware 2026-02-10 6.3 Medium
A weakness has been identified in Totolink A7000R 4.1cu.4154. The impacted element is the function setUploadUserData of the file /cgi-bin/cstecgi.cgi. Executing a manipulation of the argument FileName can lead to command injection. The attack can be launched remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-2182 1 Utt 2 521g, 521g Firmware 2026-02-10 7.2 High
A weakness has been identified in UTT 进取 521G 3.1.1-190816. Affected by this issue is the function doSystem of the file /goform/setSysAdm. Executing a manipulation of the argument passwd1 can lead to command injection. The attack may be launched remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-2188 1 Utt 2 521g, 521g Firmware 2026-02-10 7.2 High
A vulnerability was determined in UTT 进取 521G 3.1.1-190816. The impacted element is the function sub_446B18 of the file /goform/formPdbUpConfig. Executing a manipulation of the argument policyNames can lead to os command injection. It is possible to launch the attack remotely. The exploit has been publicly disclosed and may be utilized.
CVE-2026-1623 1 Totolink 2 A7000r, A7000r Firmware 2026-02-10 6.3 Medium
A weakness has been identified in Totolink A7000R 4.1cu.4154. Impacted is the function setUpgradeFW of the file /cgi-bin/cstecgi.cgi. This manipulation of the argument FileName causes command injection. The attack can be initiated remotely. The exploit has been made available to the public and could be used for attacks.
CVE-2026-1690 1 Tenda 2 Hg10, Hg10 Firmware 2026-02-10 4.7 Medium
A flaw has been found in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. This affects the function system of the file /boaform/formSysCmd. This manipulation of the argument sysCmd causes command injection. The attack may be initiated remotely. The exploit has been published and may be used.
CVE-2026-1689 1 Tenda 2 Hg10, Hg10 Firmware 2026-02-10 7.3 High
A vulnerability was detected in Tenda HG10 US_HG7_HG9_HG10re_300001138_en_xpon. The impacted element is the function checkUserFromLanOrWan of the file /boaform/admin/formLogin of the component Login Interface. The manipulation of the argument Host results in command injection. The attack can be launched remotely. The exploit is now public and may be used.
CVE-2026-2227 2 D-link, Dlink 3 Dcs-931l, Dcs-931l, Dcs-931l Firmware 2026-02-10 4.7 Medium
A vulnerability was found in D-Link DCS-931L up to 1.13.0. Impacted is the function doSystem of the file /setSystemAdmin. Performing a manipulation of the argument AdminID results in command injection. The attack may be initiated remotely. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2026-0398 1 Powerdns 1 Recursor 2026-02-10 5.3 Medium
Crafted zones can lead to increased resource usage and crafted CNAME chains can lead to cache poisoning in Recursor.
CVE-2026-2184 1 Great Developers 1 Certificate Generation System 2026-02-09 7.3 High
A vulnerability was detected in Great Developers Certificate Generation System up to 97171bb0e5e22e52eacf4e4fa81773e5f3cffb73. This vulnerability affects unknown code of the file /restructured/csv.php. The manipulation of the argument photo results in os command injection. The attack can be executed remotely. This product implements a rolling release for ongoing delivery, which means version information for affected or updated releases is unavailable. The code repository of the project has not been active for many years.
CVE-2026-24685 1 Openproject 1 Openproject 2026-02-09 8.8 High
OpenProject is an open-source, web-based project management software. Versions prior to 16.6.6 and 17.0.2 have an arbitrary file write vulnerability in OpenProject’s repository diff download endpoint (`/projects/:project_id/repository/diff.diff`) when rendering a single revision via git show. By supplying a specially crafted rev value (for example, `rev=--output=/tmp/poc.txt)`, an attacker can inject git show command-line options. When OpenProject executes the SCM command, Git interprets the attacker-controlled rev as an option and writes the output to an attacker-chosen path. As a result, any user with the `:browse_repository` permission on the project can create or overwrite arbitrary files that the OpenProject process user is permitted to write. The written contents consist of git show output (commit metadata and patch), but overwriting application or configuration files still leads to data loss and denial of service, impacting integrity and availability. The issue has been fixed in OpenProject 17.0.2 and 16.6.6.
CVE-2025-58348 1 Samsung 25 Exynos, Exynos 1080, Exynos 1080 Firmware and 22 more 2026-02-09 5.5 Medium
An issue was discovered in the Wi-Fi driver in Samsung Mobile Processor and Wearable Processor Exynos 980, 850, 1080, 1280, 1330, 1380, 1480, 1580, W920, W930 and W1000. There is unbounded memory allocation via a large buffer in a /proc/driver/unifi0/confg_tspec write operation, leading to kernel memory exhaustion.