Common Vulnerabilities and Exposures (CVE)
CVE-2026-22223
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the ...
CVE-2026-22222
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(web modules) allows adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the...
CVE-2026-22221
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2(vpn modules) allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the ...
CVE-2026-20411
In cameraisp, there is a possible escalation of privilege due to use after free. This could lead to local denial of service if a malicious actor has already obtained the System privilege. User interaction is not needed for exploitation. Pat...
CVE-2025-14914
IBM WebSphere Application Server Liberty 17.0.0.3 through 26.0.0.1 could allow a privileged user to upload a zip archive containing path traversal sequences resulting in an overwrite of files leading to arbitrary code execution.
CVE-2025-47366
Cryptographic issue when a Trusted Zone with outdated code is triggered by a HLOS providing incorrect input.
CVE-2025-47358
Memory Corruption when user space address is modified and passed to mem_free API, causing kernel memory to be freed inadvertently.
CVE-2025-47359
Memory Corruption when multiple threads simultaneously access a memory free API.
CVE-2025-47363
Memory corruption when calculating oversized partition sizes without proper checks.
CVE-2025-47364
Memory corruption while calculating offset from partition start point.
CVE-2025-47397
Memory Corruption when initiating GPU memory mapping using scatter-gather lists due to unchecked IOMMU mapping errors.
CVE-2025-47398
Memory Corruption while deallocating graphics processing unit memory buffers due to improper handling of memory pointers.
CVE-2025-47399
Memory Corruption while processing IOCTL call to update sensor property settings with invalid input parameters.
CVE-2026-25200
A vulnerability in MagicInfo9 Server allows authorized users to upload HTML files without authentication, leading to Stored XSS, which can result in account takeover This issue affects MagicINFO 9 Server: less than 21.1090.1.
CVE-2021-39935
An issue has been discovered in GitLab CE/EE affecting all versions starting from 10.5 before 14.3.6, all versions starting from 14.4 before 14.4.4, all versions starting from 14.5 before 14.5.2. Unauthorized external users could perform Se...