Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

24805 risultati

VulnerabilitàAlta
CVE-2026-12808 - Edimax BR-6478AC V2 POST Request stainfo command injection

CVE ID :CVE-2026-12808 Published : June 21, 2026, 8:45 p.m. | 10 hours, 58 minutes ago Description :A vulnerability was determined in Edimax BR-6478AC V2 1.23. This impacts the function stainfo of the file /goform/stainfo of the component POST Request Handler. This manipulation of the argument interface causes command injection. The attack can be initiated remotely. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12806 (CVSS 8.8)

A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

NVD (NIST)21 giu 2026
VulnerabilitàAlta
CVE-2026-12807 - Edimax BR-6478AC V2 POST Request setWAN command injection

CVE ID :CVE-2026-12807 Published : June 21, 2026, 7:45 p.m. | 11 hours, 58 minutes ago Description :A vulnerability was found in Edimax BR-6478AC V2 1.23. This affects the function setWAN of the file /goform/setWAN of the component POST Request Handler. The manipulation of the argument pppUserName/pptpUserName/L2TPUserName results in command injection. It is possible to launch the attack remotely. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12806 - Edimax BR-6478AC V2 POST Request formWlSiteSurvey buffer overflow

CVE ID :CVE-2026-12806 Published : June 21, 2026, 7:30 p.m. | 12 hours, 13 minutes ago Description :A vulnerability has been found in Edimax BR-6478AC V2 1.23. The impacted element is the function formWlSiteSurvey of the file /goform/formWlSiteSurvey of the component POST Request Handler. The manipulation of the argument selSSID leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12805 - OFFIS DCMTK ofxml.cc parseFile heap-based overflow

CVE ID :CVE-2026-12805 Published : June 21, 2026, 7:15 p.m. | 10 hours, 28 minutes ago Description :A flaw has been found in OFFIS DCMTK up to 3.7.0. The affected element is the function XMLNode::parseFile in the library ofstd/libsrc/ofxml.cc. Executing a manipulation can lead to heap-based buffer overflow. The attack may be performed from remote. The exploit has been published and may be used. This patch is called 1d4b3815c0987840a983160bfc671fef63a3105b. It is best practice to apply a patch to resolve this issue. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-12804 - lemonldap-ng SAML Common Domain Cookie Endpoint CDC.pm redirect

CVE ID :CVE-2026-12804 Published : June 21, 2026, 6:30 p.m. | 11 hours, 13 minutes ago Description :A vulnerability was detected in lemonldap-ng up to 2.23.0. Impacted is an unknown function in the library lemonldap-ng-portal/lib/Lemonldap/NG/Portal/CDC.pm of the component SAML Common Domain Cookie Endpoint. Performing a manipulation of the argument url results in open redirect. The attack is possible to be carried out remotely. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 5.0 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-56412 - Expat Use-After-Free Vulnerability

CVE ID :CVE-2026-56412 Published : June 21, 2026, 3:58 p.m. | 13 hours, 44 minutes ago Description :libexpat before 2.8.2 does not consider XML_TOK_DATA_CHARS in doCdataSection and thus lacks handler call depth tracking for various calls from within handlers in cases of a policy violation. Thus, a use-after-free can occur. NOTE: this issue exists because of an incomplete fix for CVE-2026-50219. Severity: 4.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-56411 - libexpat: Integer Overflow in endDoctypeDecl

CVE ID :CVE-2026-56411 Published : June 21, 2026, 3:56 p.m. | 13 hours, 47 minutes ago Description :xmlwf in libexpat before 2.8.2 has an integer overflow in endDoctypeDecl via NOTATION declarations. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-56410 - libexpat Integer Overflow

CVE ID :CVE-2026-56410 Published : June 21, 2026, 3:55 p.m. | 13 hours, 48 minutes ago Description :xmlwf in libexpat before 2.8.2 has an integer overflow in resolveSystemId. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-56409 - libexpat: Integer Overflow in xmlwf Output Filename

CVE ID :CVE-2026-56409 Published : June 21, 2026, 3:52 p.m. | 13 hours, 50 minutes ago Description :xmlwf in libexpat before 2.8.2 has an integer overflow for the output filename when -d outputDir is used. Severity: 6.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-56408 - libexpat Integer Overflow

CVE ID :CVE-2026-56408 Published : June 21, 2026, 3:51 p.m. | 11 hours, 52 minutes ago Description :libexpat before 2.8.2 has an integer overflow in copyString. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026
VulnerabilitàAlta
CVE-2026-56407 - libexpat Integer Overflow

CVE ID :CVE-2026-56407 Published : June 21, 2026, 3:49 p.m. | 9 hours, 54 minutes ago Description :libexpat before 2.8.2 has an integer overflow in doProlog that is related to storeEntityValue and entity textLen. Severity: 6.9 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVEfeed CVE21 giu 2026

Pagina 166 di 2068

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.