Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (25 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2018-15875 1 Dlink 2 Dir-615, Dir-615 Firmware 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows attackers to inject JavaScript into the router's admin UPnP page via the description field in an AddPortMapping UPnP SOAP request.
CVE-2018-15874 1 Dlink 2 Dir-615, Dir-615 Firmware 2024-11-21 6.1 Medium
Cross-site scripting (XSS) vulnerability on D-Link DIR-615 routers 20.07 allows an attacker to inject JavaScript into the "Status -> Active Client Table" page via the hostname field in a DHCP request.
CVE-2018-15839 1 Dlink 2 Dir-615, Dir-615 Firmware 2024-11-21 9.8 Critical
D-Link DIR-615 devices have a buffer overflow via a long Authorization HTTP header.
CVE-2018-10431 2 D-link, Dlink 2 Dir-615 Firmware, Dir-615 2024-11-21 N/A
D-Link DIR-615 2.5.17 devices allow Remote Code Execution via shell metacharacters in the Host field of the System / Traceroute screen.
CVE-2018-10110 2 D-link, Dlink 2 Dir-615 T1 Firmware, Dir-615 T1 2024-11-21 N/A
D-Link DIR-615 T1 devices allow XSS via the Add User feature.