cve.li

Recent

CVE-2026-4558CWE-78CWE-77

Linksys MR9600 SmartConnect.lua smartConnectConfigure os command injection

Published 2026-03-22 by VulDB

CVE-2026-4557CWE-79CWE-94

code-projects Exam Form Submission update_s1.php cross site scripting

Published 2026-03-22 by VulDB

CVE-2026-33296CWE-601

AVideo has an Open Redirect via Unvalidated redirectUri in userLogin.php

Published 2026-03-22 by GitHub_M

CVE-2026-33295CWE-79

AVideo Vulnerable to Stored XSS via Unescaped Video Title in CDN downloadButtons.php

Published 2026-03-22 by GitHub_M

CVE-2026-33294CWE-918

AVideo has SSRF in BulkEmbed Thumbnail Fetch that Allows Reading Internal Network Resources

Published 2026-03-22 by GitHub_M

CVE-2026-4555CWE-121CWE-119

D-Link DIR-513 boa formEasySetTimezone memory corruption

Published 2026-03-22 by VulDB

CVE-2026-4554CWE-77CWE-74

Tenda F453 WriteFacMac FormWriteFacMac privilege escalation

Published 2026-03-22 by VulDB

CVE-2026-33293CWE-22

AVideo Affected by Arbitrary File Deletion via Path Traversal in CloneSite deleteDump Parameter

Published 2026-03-22 by GitHub_M

CVE-2026-33319CWE-78

AVideo Vulnerable to OS Command Injection via Unescaped URL in LinkedIn Video Upload Shell Command

Published 2026-03-22 by GitHub_M

CVE-2026-33292CWE-22

AVideo has Authorization Bypass via Path Traversal in HLS Endpoint Allows Streaming Private/Paid Videos

Published 2026-03-22 by GitHub_M

Load more ↓