Monitor vulnerabilities that affect your stack. Sign up free to get alerts when software you use is affected.

CVE Vulnerabilities - 4 March 2026

RSS

239 vulnerabilities published on 4 March 2026

Severity:
Cisco FMC Software: Unauthenticated Code Execution via Web Interface
CVE-2026-20131
A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote...
10.0
Cisco Secure Firewall Management Center: Unauthenticated Remote Code Execution
CVE-2026-20079
A vulnerability in the web interface of Cisco Secure Firewall Management Center (FMC) Software could allow an unauthenticated, remote attacker to bypa...
10.0
D-Link DIR-513 Router: Unauthorized Code Execution via Malicious Time Input
CVE-2025-70222
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin,goform/getAuthCode....
9.8
D-Link DIR-513 Router Allows Unauthorized Configuration Changes
CVE-2025-70225
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curtime parameter to the goform/formEasySetupWWConfig component...
9.8
D-Link DIR-513 Router: Authentication Bypass via Malicious Login Request
CVE-2025-70221
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin....
9.8
D-Link DIR-513 Router Has a Critical Buffer Overflow Flaw
CVE-2025-46108
D-link Dir-513 A1FW110 is vulnerable to Buffer Overflow in the function formTcpipSetup....
9.8
D-Link DIR-513 Router Reboot Command Injection
CVE-2025-70219
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot....
9.8
D-Link DIR-513 Router Exposed to Malicious Code Injection
CVE-2025-70226
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formEasySetupWizard....
9.8
D-Link DIR-513 Router Exposed to Remote Code Execution
CVE-2025-70223
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAdvNetwork....
9.8
D-Link DIR-513 Router: Unauthenticated Data Execution Risk
CVE-2025-70220
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formAutoDetecWAN_wizard4....
9.8
D-Link DIR-513 v1.10 Allows Remote Execution via Malicious Firewall Settings
CVE-2025-70218
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component....
9.8
FreeSMS 2.1.2: Unauthenticated Password Bypass through SQL Injection
CVE-2019-25506
FreeSMS 2.1.2 contains a boolean-based blind SQL injection vulnerability in the password parameter that allows unauthenticated attackers to bypass aut...
8.8
Simple Job Script: SQL Injection via Malicious Job ID
CVE-2019-25499
Simple Job Script contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code t...
8.8
WordPress Plugin vran-dev Database Error - Unsecured Search Function
CVE-2025-66944
SQL Injection vulnerability in vran-dev databaseir v.1.0.7 and before allows a remote attacker to execute arbitrary code via the query parameter in th...
9.8
Nil Hardware Editor Can Be Hacked to Read and Write Files
CVE-2025-66678
An issue in the HwRwDrv.sys component of Nil Hardware Editor Hardware Read & Write Utility v1.25.11.26 and earlier allows attackers to execute arbitra...
9.8
Mobvoi Tichome Mini smart speaker: Remote attackers can execute root-level commands
CVE-2026-26478
A shell command injection vulnerability in Mobvoi Tichome Mini smart speaker 012-18853 and 027-58389 allows remote attackers to send a specially craft...
9.8
2N Access Commander session cookies not properly invalidated
CVE-2025-59786
2N Access Commander version 3.4.2 and prior improperly invalidates session tokens, allowing multiple session cookies to remain active after logout in ...
6.0
Apache Artemis/ActiveMQ Artemis: Unauthenticated Remote Attack via Rogue Broker
CVE-2026-27446 GHSA-fw88-pf9m-p947
Missing Authentication for Critical Function (CWE-306) vulnerability in Apache Artemis, Apache ActiveMQ Artemis. An unauthenticated remote attacker ca...
9.3
SEPPmail Secure Email Gateway: Malicious PDFs Can Execute OS Commands
CVE-2026-27441
SEPPmail Secure Email Gateway before version 15.0.1 insufficiently neutralizes the PDF encryption password, allowing OS command execution....
9.5
IDC SFX Series SuperFlex SatelliteReceiver: Unauthenticated Remote Code Execution
CVE-2026-28775
An unauthenticated Remote Code Execution (RCE) vulnerability exists in the SNMP service of International Datacasting Corporation (IDC) SFX Series Supe...
10.0
Running server may crash with HTTP/2 frames from malicious clients
CLEANSTART-2026-SM37781
Multiple security vulnerabilities affect the cert-manager-fips package. Due to missing nil check, sending 0x0a-0x0f HTTP/2 frames will cause a running...
9.8
Redis Software Has Critical Security Flaws
CLEANSTART-2026-AY29369
Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for ind...
9.8
Rack Web Server Interface: Security Flaw in Logstash FIPS Package
CLEANSTART-2026-XJ84245
Multiple security vulnerabilities affect the logstash-fips package. Rack is a modular Ruby web server interface. See references for individual vulnera...
9.8
Redis: Unpatched Security Flaws in valkey Package
CLEANSTART-2026-CQ83284
Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for ind...
9.8
Redis Key Management Vulnerability Allows Data Exposure
CLEANSTART-2026-YP32652
Multiple security vulnerabilities affect the valkey package. Redis is an open source, in-memory database that persists on disk. See references for ind...
9.8
3 Mar 2026 All days 5 Mar 2026