Aggregator

Submit #820024 / VDB-367473

Submit #820023 / VDB-367472

Submit #820022 / VDB-367471

Submit #820021 / VDB-367470

Submit #820018 / VDB-367469

A vulnerability identified as critical has been detected in Totolink N300RH 6.1c.1353_B20190305. Affected by this issue is the function setWiFiBasicConfig of the file wireless.so of the component Web Management Interface. Performing a manipulation of the argument KeyStr results in stack-based buffer overflow. This vulnerability is reported as CVE-2026-10187. The attack is possible to be carried out remotely. Moreover, an exploit is present.

A vulnerability categorized as critical has been discovered in code-projects Online Hospital Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /patient.php. Such manipulation of the argument editid leads to sql injection. This vulnerability is documented as CVE-2026-10186. The attack can be executed remotely. Additionally, an exploit exists.

Submit #819971 / VDB-367468

A vulnerability was found in SourceCodester Hospitals Patient Records Management System 1.0. It has been rated as critical. Affected is an unknown function of the file /classes/Users.php?f=save. This manipulation of the argument ID causes sql injection. This vulnerability is registered as CVE-2026-10185. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability was found in SourceCodester Hospitals Patient Records Management System 1.0. It has been declared as critical. This impacts an unknown function of the file /classes/Users.php?f=delete. The manipulation of the argument ID results in sql injection. This vulnerability is cataloged as CVE-2026-10184. The attack may be launched remotely. Furthermore, there is an exploit available.

Submit #819933 / VDB-367467

Submit #819932 / VDB-360188

Submit #819918 / VDB-367466

Submit #819917 / VDB-367465

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20. It has been classified as critical. This affects the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument enrollee leads to stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is listed as CVE-2026-10183. The attack may be initiated remotely. In addition, an exploit is available. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability was found in TRENDnet TEW-432BRP 3.10B20 and classified as critical. The impacted element is the function formWlanSetup of the file /goform/formWlanSetup. Executing a manipulation of the argument enrollee can lead to command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is tracked as CVE-2026-10182. The attack can be launched remotely. Moreover, an exploit is present. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability has been found in TRENDnet TEW-432BRP 3.10B20 and classified as critical. The affected element is the function formSysCmd of the file /goform/formSysCmd. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is identified as CVE-2026-10181. The attack can be initiated remotely. Additionally, an exploit exists. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability, which was classified as critical, was found in TRENDnet TEW-432BRP 3.10B20. Impacted is the function formSysCmd of the file /goform/formSysCmd. Such manipulation of the argument sysCmd leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability is referenced as CVE-2026-10180. It is possible to launch the attack remotely. Furthermore, an exploit is available. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

A vulnerability, which was classified as critical, has been found in TRENDnet TEW-432BRP 3.10B20. This issue affects the function formSetWlanEncrypt of the file /goform/formSetWlanEncrypt. This manipulation of the argument webpage causes stack-based buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer. The identification of this vulnerability is CVE-2026-10179. It is possible to initiate the attack remotely. Furthermore, there is an exploit available. The vendor explains: "This product has been EOL for 15 years (since 2009). As the item has been EOL for such a long time, we are not able to replicate or fix any vulnerabilities."

Cybercrime group ShinyHunters leaked data allegedly stolen from Charter Communications, exposing millions of customer records after a failed extortion attempt. The ShinyHunters extortion group has published data allegedly stolen from Charter Communications after the company apparently refused to pay a ransom. Charter Communications is one of the largest telecommunications companies in the United States. It […]