Overview

  • invisioncommunity
  • Invision Power Board

Published: 16 May 2025
Updated: 17 May 2025

CVSS v3.1: CRITICAL (10.0)
EPSS: 87.44%

KEV

Description

Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss can be invoked by unauthenticated users. This method passes the value of the content parameter to the Theme::makeProcessFunction() method; hence it is evaluated by the template engine. Accordingly, this can be exploited by unauthenticated attackers to inject and execute arbitrary PHP code by providing crafted template strings.

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

[CVE-2025-47916] Invision Community <= 5.0.6 (customCss) Remote Code Execution
  • Last hour

Overview

  • Belkin
  • F9K1015

Published: 06 Apr 2026
Updated: 06 Apr 2026

CVSS v4.0: HIGH (8.7)
EPSS: Pending

KEV

Description

A security flaw has been discovered in Belkin F9K1015 1.00.10. Impacted is the function formSetPassword of the file /goform/formSetPassword. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 9 hours ago

Fediverse

🔒 HIGH-severity stack buffer overflow in Belkin F9K1015 (v1.00.10) — CVE-2026-5614. Public exploit, no patch, vendor silent. Disable remote access, restrict device exposure. Stay vigilant! radar.offseq.com/threat/cve-20

  • 9h ago

Overview

  • Belkin
  • F9K1015

Published: 06 Apr 2026
Updated: 06 Apr 2026

CVSS v4.0: HIGH (8.7)
EPSS: Pending

KEV

Description

A vulnerability was detected in Belkin F9K1015 1.00.10. The affected element is the function formSetFirewall of the file /goform/formSetFirewall. The manipulation of the argument webpage results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 6 hours ago

Fediverse

⚠️ CVE-2026-5629: High-severity stack buffer overflow in Belkin F9K1015 (v1.00.10). Remote exploit possible — public code out, no patch yet. Restrict device access & monitor vendor updates. radar.offseq.com/threat/cve-20

  • 6h ago

Overview

  • Tenda
  • CH22

Published: 05 Apr 2026
Updated: 05 Apr 2026

CVSS v4.0: HIGH (8.7)
EPSS: Pending

KEV

Description

A weakness has been identified in Tenda CH22 1.0.0.1. This affects the function formWrlExtraSet of the file /goform/WrlExtraSet. Executing a manipulation of the argument GO can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

Statistics

  • 1 Post

Last activity: 13 hours ago

Fediverse

🚨 HIGH severity: CVE-2026-5605 in Tenda CH22 v1.0.0.1 — stack-based buffer overflow in /goform/WrlExtraSet. No patch yet. Restrict remote access & monitor for threats. Details: radar.offseq.com/threat/cve-20

  • 13h ago

Overview

  • Pending

Published: 03 Apr 2025
Updated: 29 May 2025

CVSS: Pending
EPSS: Pending

KEV

Description

Netwrix Password Secure 9.2.0.32454 allows OS command injection.

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

Authenticated Remote Code Execution in Netwrix Password Secure (CVE-2025-26817)
  • Last hour

Overview

  • Fortinet
  • FortiManager

Published: 23 Oct 2024
Updated: 21 Oct 2025

CVSS v3.1: CRITICAL (9.8)
EPSS: 93.85%

Description

A missing authentication for critical function in FortiManager 7.6.0, FortiManager 7.4.0 through 7.4.4, FortiManager 7.2.0 through 7.2.7, FortiManager 7.0.0 through 7.0.12, FortiManager 6.4.0 through 6.4.14, FortiManager 6.2.0 through 6.2.12, Fortinet FortiManager Cloud 7.4.1 through 7.4.4, FortiManager Cloud 7.2.1 through 7.2.7, FortiManager Cloud 7.0.1 through 7.0.12, FortiManager Cloud 6.4.1 through 6.4.7 allows attacker to execute arbitrary code or commands via specially crafted requests.

Statistics

  • 1 Post

Last activity: 21 hours ago

Bluesky

Critical FortiManager Zero-Day (CVE-2024-47575): Unauthenticated RCE Exploit Exposes Enterprise Networks—Patch Now! + Video Introduction A critical zero-day vulnerability in Fortinet’s FortiManager, tracked as CVE-2024-47575 and nicknamed “FortiJump,” exposes enterprise networks to unauthenticated…
  • 21h ago

Overview

  • Belkin
  • F9K1122

Published: 06 Apr 2026
Updated: 06 Apr 2026

CVSS v4.0: HIGH (8.7)
EPSS: Pending

KEV

Description

A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 12 hours ago

Fediverse

⚠️ HIGH severity: CVE-2026-5608 in Belkin F9K1122 v1.00.33 enables remote buffer overflow via the /goform/formWlanSetup endpoint. Exploit code is public; no patch from vendor. Restrict remote mgmt access now. radar.offseq.com/threat/cve-20

  • 12h ago

Overview

  • Microsoft
  • Windows 10 Version 1607

Published: 10 Mar 2026
Updated: 27 Mar 2026

CVSS v3.1: HIGH (8.0)
EPSS: 0.07%

KEV

Description

Integer overflow or wraparound in Windows Routing and Remote Access Service (RRAS) allows an authorized attacker to execute code over a network.

Statistics

  • 1 Post

Last activity: 23 hours ago

Bluesky

Critical Alert CVE-2026-25172: Guide to applying the Hotpatch for RRAS on Windows 11 (+DETAILS) www.newstecnicas.info.ve/2026/03/micr...
  • 23h ago

Overview

  • Intel(R) Processors

Published: 13 May 2025
Updated: 03 Nov 2025

CVSS v4.0: MEDIUM (5.7)
EPSS: 0.03%

KEV

Description

Exposure of sensitive information caused by shared microarchitectural predictor state that influences transient execution in the indirect branch predictors for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Statistics

  • 1 Post

Last activity: Last hour

Bluesky

CVE-2024-45332 brings back branch target injection attacks on Intel
  • Last hour

Overview

  • Belkin
  • F9K1015

Published: 06 Apr 2026
Updated: 06 Apr 2026

CVSS v4.0: HIGH (8.7)
EPSS: Pending

KEV

Description

A vulnerability was determined in Belkin F9K1015 1.00.10. This vulnerability affects the function formWlEncrypt of the file /goform/formWlEncrypt. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.

Statistics

  • 1 Post

Last activity: 3 hours ago

Fediverse

⚠️ HIGH severity: Stack buffer overflow in Belkin F9K1015 v1.00.10 (/goform/formWlEncrypt, CVE-2026-5612). Remote code exec/DoS possible. No vendor patch. Restrict remote access & monitor advisories. radar.offseq.com/threat/cve-20

  • 3h ago
Showing 11 to 20 of 26 CVEs