Tinc Virtual Private Network Daemon 1.0.37

tinc is a Virtual Private Network VPN daemon that uses tunneling and encryption to create a secure private network between multiple hosts on the Internet. This tunneling allows VPN sites to share information with each other over the Internet without exposing any information...

PT-2026-1426

Name of the Vulnerable Software and Affected Versions WP Timetics versions prior to 1.0.37 Description The Appointment Booking and Scheduling Calendar Plugin – WP Timetics for WordPress is susceptible to unauthorized access and modification of data. This is due to a missing capability check on th...

Linux Distros Unpatched Vulnerability : CVE-2025-6273

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability was found in WebAssembly wabt up to 1.0.37 and classified as problematic. This issue affects the function LogOpcode of the file...

CVE-2025-6274

A vulnerability was found in WebAssembly wabt up to 1.0.37. It has been classified as problematic. Affected is the function OnDataCount of the file src/interp/binary-reader-interp.cc. The manipulation leads to resource consumption. Attacking locally is a requirement. The exploit has been disclose...

WebAssembly wabt 资源管理错误漏洞

WebAssembly wabt is a WebAssembly binary toolkit open-sourced by WebAssembly. A resource management error vulnerability exists in WebAssembly wabt 1.0.37 and earlier versions, which stems from post-release reuse of the function GetFuncOffset in the file src/interp/binary-reader-interp.cc...

WebAssembly wabt 资源管理错误漏洞

WebAssembly wabt is a WebAssembly binary toolkit open-sourced by WebAssembly. A resource management error vulnerability exists in WebAssembly wabt 1.0.37 and earlier versions, which stems from a resource consumption in the function OnDataCount in the file src/interp/binary-reader-interp.cc...

WebAssembly wabt 安全漏洞

WebAssembly wabt is a WebAssembly binary toolkit open-sourced by WebAssembly. A security vulnerability exists in WebAssembly wabt 1.0.37 and earlier versions, which originates from a reachable assertion in the function LogOpcode in the file src/binary-reader-objdump.cc...

WordPress Woodmart Core Plugin <= 1.0.36 is vulnerable to PHP Object Injection

Software Woodmart Core Type Plugin Vulnerable versions = 1.0.36 Fixed in 1.0.37 OWASP Top 10 A1: Injection Classification PHP Object Injection CVE CVE-2023-32242 Patch priority High CVSS severity High 9.8 Developer Xtemos PSID 779c53b2f97f Credits Dave Jong Patchstack Required privilege...

DEBIAN-CVE-2021-27419

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

Integer overflow

uClibc-ng versions prior to 1.0.37 are vulnerable to integer wrap-around in functions malloc-simple. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution...

Cross site scripting

On D-Link DIR-620 devices with a certain customized by ISP variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting XSS attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect processing of t...

CVE-2018-6212

On D-Link DIR-620 devices with a certain customized by ISP variant of firmware 1.0.3, 1.0.37, 1.3.1, 1.3.3, 1.3.7, 1.4.0, and 2.0.22, a reflected Cross-Site Scripting XSS attack is possible as a result of missed filtration for special characters in the "Search" field and incorrect processing of t...

Hardcoded credentials

D-Link DIR-620 devices, with a certain Rostelekom variant of firmware 1.0.37, have a hardcoded rostel account, which makes it easier for remote attackers to obtain access via a TELNET session...

D-Link DIR-620 Router Privilege Access Vulnerability

D-link DIR-620 is a wireless router product from AUO D-Link. A security vulnerability exists in the D-Link DIR-620 using firmware version 1.0.37. The vulnerability can be exploited by a remote attacker to gain access with the help of a TELNET session...

COMTREND CT-5624 Router - Root/Support Password Disclosure/Change

!/usr/bin/perl + Comtrend Router CT-5624 Remote Root/Support Password Disclosure/Change Exploit Author: Todor Donev Email: todor.donev@@gmail Type: Hardware Vuln Type: Remote Tested: Board ID : CT-5624 Software : A011-306TSR-C01R03 Bootloader : 1.0.37-0.7-3 ADSL : A2pB022c3.d20e Board ID : CT-563...