Calgary, Alberta, Canada
sales@hackhalt.com
Free Download Free Download Free Download
Explore Pricing Explore Pricing Explore Pricing

Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total15,025
Critical923
High3,045
Medium10,857
Reset
Showing 1941-1960 of 15025 records
Threat Entry Updated 2026-02-20

CVE-2026-0408 - EX2800 Plugin

A path traversal vulnerability in NETGEAR WiFi range extenders allows an attacker with LAN authentication to access the router's IP and review the contents of the dynamically generated webproc file, which records the username and password submitted to the router GUI.

PLUGIN EX2800

CVE-2026-0408

MEDIUM CVSS 6.1 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-0407 - EX2800 Plugin

An insufficient authentication vulnerability in NETGEAR WiFi range extenders allows a network adjacent attacker with WiFi authentication or a physical Ethernet port connection to bypass the authentication process and access the admin panel.

PLUGIN EX2800

CVE-2026-0407

MEDIUM CVSS 6.1 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-0406 - XR1000v2 Plugin

An insufficient input validation vulnerability in the NETGEAR XR1000v2 allows attackers connected to the router's LAN to execute OS command injections.

PLUGIN XR1000v2

CVE-2026-0406

MEDIUM CVSS 6.1 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-02-12

CVE-2026-0405 - CBR750 Plugin

An authentication bypass vulnerability in NETGEAR Orbi devices allows users connected to the local network to access the router web interface as an admin.

PLUGIN CBR750

CVE-2026-0405

MEDIUM CVSS 6.1 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-02-12

CVE-2026-0404 - RBR750 Plugin

An insufficient input validation vulnerability in NETGEAR Orbi devices' DHCPv6 functionality allows network adjacent attackers authenticated over WiFi or on LAN to execute OS command injections on the router. DHCPv6 is not enabled by default.

PLUGIN RBR750

CVE-2026-0404

MEDIUM CVSS 4.8 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-02-20

CVE-2026-0403 - RBE970 Plugin

An insufficient input validation vulnerability in NETGEAR Orbi routers allows attackers connected to the router's LAN to execute OS command injections.

PLUGIN RBE970

CVE-2026-0403

LOW CVSS 1.1 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-20

CVE-2026-22755 - Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD93 Plugin

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191, IT9389, MA9321, MA9322, MS9321, MS9390, TB9330 (Firmware modules) allows OS Command Injection.This issue affects Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD9387, FD9389, FD9391,FE9180,FE9181, FE9191, FE9381, FE9382, FE9391, FE9582, IB9365, IB93587LPR, IB9371,IB9381, IB9387, IB9389, IB939,IP9165,IP9171, IP9172, IP9181, IP9191,…

PLUGIN Vivotek Affected device model numbers are FD8365, FD8365v2, FD9165, FD9171, FD9187, FD9189, FD9365, FD9371, FD9381, FD93

CVE-2026-22755

CRITICAL CVSS 9.3 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0892 - Firefox Plugin

Memory safety bugs present in Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147 and Thunderbird < 147.

PLUGIN Firefox

CVE-2026-0892

CRITICAL CVSS 9.8 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0891 - Firefox ESR Plugin

Memory safety bugs present in Firefox ESR 140.6, Thunderbird ESR 140.6, Firefox 146 and Thunderbird 146. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0891

HIGH CVSS 8.1 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0885 - Firefox ESR Plugin

Use-after-free in the JavaScript: GC component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0885

MEDIUM CVSS 6.5 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0890 - Firefox ESR Plugin

Spoofing issue in the DOM: Copy & Paste and Drag & Drop component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0890

MEDIUM CVSS 5.4 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0886 - Firefox ESR Plugin

Incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0886

MEDIUM CVSS 5.3 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0887 - Firefox ESR Plugin

Clickjacking issue, information disclosure in the PDF Viewer component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0887

MEDIUM CVSS 4.3 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0884 - Firefox ESR Plugin

Use-after-free in the JavaScript Engine component. This vulnerability affects Firefox < 147, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0884

CRITICAL CVSS 9.8 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0879 - Firefox ESR Plugin

Sandbox escape due to incorrect boundary conditions in the Graphics component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0879

CRITICAL CVSS 9.8 2026-01-13
Open Full Technical Breakdown
Threat Entry Updated 2026-01-22

CVE-2026-0882 - Firefox ESR Plugin

Use-after-free in the IPC component. This vulnerability affects Firefox < 147, Firefox ESR < 115.32, Firefox ESR < 140.7, Thunderbird < 147, and Thunderbird < 140.7.

PLUGIN Firefox ESR

CVE-2026-0882

HIGH CVSS 8.8 2026-01-13
Open Full Technical Breakdown
Scroll to top