|
541
|
6.5 |
MEDIUM
Adjacent
|
-
|
-
|
A flaw was found in libxml2. This vulnerability occurs when the library processes a specially crafted XML Schema Definition (XSD) validated document that includes an internal entity reference. An att…
New
|
CWE-843
Type Confusion
|
CVE-2026-6732
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
542
|
4.9 |
MEDIUM
Network
|
-
|
-
|
A vulnerability in the browser-based remote management interface may allow an administrator to access sensitive information on the device via crafted requests, affecting certain production printers a…
New
|
CWE-807
Reliance on Untrusted Inputs in a Security Decision
|
CVE-2026-1789
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
543
|
5.4 |
MEDIUM
Network
|
-
|
-
|
A vulnerability exists in SenseLive
X3050’s web management interface due to improper session lifetime enforcement, allowing authenticated sessions to remain active for extended periods without requi…
New
|
CWE-613
Insufficient Session Expiration
|
CVE-2026-25720
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
544
|
9.8 |
CRITICAL
Network
|
-
|
-
|
A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-re…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-25775
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
545
|
8.1 |
HIGH
Network
|
-
|
-
|
A vulnerability in SenseLive X3050's web management interface allows state-changing operations to be triggered without proper Cross-Site Request Forgery (CSRF) protections. Because the application do…
New
|
CWE-352
Origin Validation Error
|
CVE-2026-27841
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
546
|
9.1 |
CRITICAL
Network
|
-
|
-
|
A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By apply…
New
|
CWE-306
Missing Authentication for Critical Function
|
CVE-2026-27843
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
547
|
7.5 |
HIGH
Network
|
-
|
-
|
DWM-222W USB Wi-Fi Adapter developed by D-Link has a Brute-Force Protection Bypass vulnerability, allowing unauthenticated adjacent network attackers to bypass login attempt limits to perform brute-f…
New
|
CWE-307
mproper Restriction of Excessive Authentication Attempts
|
CVE-2026-6947
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
548
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Delta Electronics AS320T has incorrect calculation of the buffer size on the stack in the GET/PUT request handler of the web service.
New
|
CWE-131
Incorrect Calculation of Buffer Size
|
CVE-2026-1949
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
549
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Delta Electronics AS320T has
No checking of the length of the buffer with the file name vulnerability.
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-1950
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
550
|
9.8 |
CRITICAL
Network
|
-
|
-
|
Delta Electronics AS320T has no checking of the length of the buffer with the directory name
vulnerability.
New
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-1951
|
2026-04-24 23:39 |
2026-04-24 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
