News & Sicurezza

A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch of the file /goform/formCrossBandSwitch of the component Parameter Handler. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

CVE ID :CVE-2026-5042 Published : March 29, 2026, 11:16 a.m. | 4 hours, 37 minutes ago Description :A security flaw has been discovered in Belkin F9K1122 1.00.33. The affected element is the function formCrossBandSwitch of the file /goform/formCrossBandSwitch of the component Parameter Handler. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be launched remotely. The exploit has been released to the public and may be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-5043 Published : March 29, 2026, 12:15 p.m. | 5 hours, 37 minutes ago Description :A weakness has been identified in Belkin F9K1122 1.00.33. The impacted element is the function formSetPassword of the file /goform/formSetPassword of the component Parameter Handler. This manipulation of the argument webpage causes stack-based buffer overflow. Remote exploitation of the attack is possible. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-5041 Published : March 29, 2026, 10:15 a.m. | 3 hours, 37 minutes ago Description :A vulnerability was identified in code-projects Chamber of Commerce Membership Management System 1.0. Impacted is the function fwrite of the file admin/pageMail.php. The manipulation of the argument mailSubject/mailMessage leads to command injection. The attack may be initiated remotely. The exploit is publicly available and might be used. Severity: 5.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

CVE ID :CVE-2026-5037 Published : March 29, 2026, 9:15 a.m. | 2 hours, 37 minutes ago Description :A vulnerability was determined in mxml up to 4.0.4. This issue affects the function index_sort of the file mxml-index.c of the component mxmlIndexNew. Executing a manipulation of the argument tempr can lead to stack-based buffer overflow. The attack is restricted to local execution. The exploit has been publicly disclosed and may be utilized. This patch is called 6e27354466092a1ac65601e01ce6708710bb9fa5. A patch should be applied to remediate this issue. Severity: 4.8 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more...

A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used.

CVE ID :CVE-2026-5036 Published : March 29, 2026, 8:15 a.m. | 3 hours, 37 minutes ago Description :A vulnerability was found in Tenda 4G06 04.06.01.29. This vulnerability affects the function fromDhcpListClient of the file /goform/DhcpListClient of the component Endpoint. Performing a manipulation of the argument page results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made public and could be used. Severity: 9.0 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Week in review: NIST updates DNS security guidance, compromised LiteLLM PyPI packages Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: NIST updates its DNS security guidance for the first time in over a decade DNS infrastructure underpin ... Read more Published Date: Mar 29, 2026 (2 days ago) Vulnerabilities has been mentioned in this article. CVE-2026-33634 CVE-2026-3055 CVE-2026-33017 CVE-2026-21992 CVE-2025-53521

A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.

CVE ID :CVE-2026-5035 Published : March 29, 2026, 7:15 a.m. | 4 hours, 37 minutes ago Description :A vulnerability has been found in code-projects Accounting System 1.0. This affects an unknown part of the file /view_work.php of the component Parameter Handler. Such manipulation of the argument en_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Severity: 7.5 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...

Hackers Probe Citrix NetScaler Instances Ahead of Likely CVE-2026-3055 Exploitation Cybersecurity researchers are sounding the alarm over imminent in-the-wild exploitation of a recently disclosed critical vulnerability in Citrix NetScaler ADC and Gateway appliances. Threat intelligen ... Read more Published Date: Mar 29, 2026 (1 day, 23 hours ago) Vulnerabilities has been mentioned in this article. CVE-2026-3055