|
131
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, wrap_line (app/modules/common/common.py:181-186) and highlight_word (app/modules/…
New
|
CWE-79
Cross-site Scripting
|
CVE-2026-45560
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
132
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, PUT /smon/check (app/routes/smon/routes.py:117-138) gates only on roxywi_common.c…
New
|
CWE-639
CWE-862
CWE-863
Authorization Bypass Through User-Controlled Key
Missing Authorization
Incorrect Authorization
|
CVE-2026-45550
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
133
|
8.5 |
HIGH
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, agent_action (app/routes/smon/agent_routes.py:166-179) has decorators @bp.post('/…
New
|
CWE-862
CWE-863
Missing Authorization
Incorrect Authorization
|
CVE-2026-45549
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
134
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows a…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36813
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
135
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formModifyWebAuthUser function. This vulnerability allows …
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36806
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
136
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow…
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36805
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
137
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Issue Summary: Cryptographic Message Services (CMS) processing fails to perform
sufficient input validation on the cipher and tag length fields of
AuthEnvelopedData containers, leading to various pot…
New
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2026-34182
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
138
|
7.4 |
HIGH
Network
|
-
|
-
|
Issue Summary: The PKCS#12 file processing fails to perform sufficient input
validation for files that use Password-Based Message Authentication Code 1
(PBMAC1) integrity mechanism allowing a certifi…
New
|
CWE-354
Improper Validation of Integrity Check Value
|
CVE-2026-34181
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
139
|
- |
|
-
|
-
|
Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands.…
New
|
CWE-20
Improper Input Validation
|
CVE-2026-0419
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
140
|
- |
|
-
|
-
|
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network
to tamper with the system.
New
|
CWE-15
External Control of System or Configuration Setting
|
CVE-2026-0418
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
