|
3771
|
6.5 |
MEDIUM
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, the /smon/agent/{version,uptime,status,checks}/<server_ip> family of routes takes…
|
CWE-918
Server-Side Request Forgery (SSRF)
|
CVE-2026-45561
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3772
|
6.1 |
MEDIUM
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, wrap_line (app/modules/common/common.py:181-186) and highlight_word (app/modules/…
|
CWE-79
Cross-site Scripting
|
CVE-2026-45560
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3773
|
9.1 |
CRITICAL
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, PUT /smon/check (app/routes/smon/routes.py:117-138) gates only on roxywi_common.c…
|
CWE-639
CWE-862
CWE-863
Authorization Bypass Through User-Controlled Key
Missing Authorization
Incorrect Authorization
|
CVE-2026-45550
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3774
|
8.5 |
HIGH
Network
|
-
|
-
|
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions 8.2.6.4 and prior, agent_action (app/routes/smon/agent_routes.py:166-179) has decorators @bp.post('/…
|
CWE-862
CWE-863
Missing Authorization
Incorrect Authorization
|
CVE-2026-45549
|
2026-06-11 02:16 |
2026-06-11 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3775
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the picCropName parameter of the formCropAndSetWewifiPic function. This vulnerability allows a…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36813
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3776
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda W15E v15.11.0.10 was discovered to contain a buffer overflow in the webAuthUserPwd parameter of the formModifyWebAuthUser function. This vulnerability allows …
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36806
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3777
|
7.5 |
HIGH
Network
|
-
|
-
|
Shenzhen Tenda Technology Co., Ltd Tenda G0 v15.11.0.5 was discovered to contain multiple buffer overflows in the Saveqqlist function via the qqStr and markStr parameters. These vulnerabilities allow…
|
CWE-121
Stack-based Buffer Overflow
|
CVE-2026-36805
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3778
|
- |
|
-
|
-
|
Insufficient input validation in NETGEAR JR6150 (AC750 WiFi Router 802.11ac Dual Band Gigabit released in 2014) allows users connected to the local WiFi Networks to execute operating system commands.…
|
CWE-20
Improper Input Validation
|
CVE-2026-0419
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3779
|
- |
|
-
|
-
|
Insufficient configuration management in the listed devices allows authenticated administrators connected to the local network
to tamper with the system.
|
CWE-15
External Control of System or Configuration Setting
|
CVE-2026-0418
|
2026-06-11 02:16 |
2026-06-10 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
3780
|
4.0 |
MEDIUM
Network
|
-
|
-
|
Dräger Atlan A350 versions 1.00 up to and including 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medib…
|
CWE-1286
Improper Validation of Syntactic Correctness of Input
|
CVE-2021-4479
|
2026-06-11 02:16 |
2026-06-3 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
