CVE-2026-22913

creationtimestamp| type| source ---|---|--- 2026-01-15 14:03:24+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mchqs3uhuv2c 2026-01-15 15:12:35+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115899757567671679...

CVE-2026-22913

Improper handling of a URL parameter may allow attackers to execute code in a user's browser after login. This can lead to the extraction of sensitive data...

Linux Distros Unpatched Vulnerability : CVE-2024-22913

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-buffer-overflow was found in SWFTools v0.9.2, in the function swf5lex at lex.swf5.c:1321. It allows an attacker to cause code execution. CVE-2024-22913...

CVE-2025-22913

RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formStaDrvSetup function...

CVE-2023-22913

A post-authentication command injection vulnerability in the “accountoperator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker to modify device configuration data,...

CVE-2025-22913

creationtimestamp| type| source ---|---|--- 2025-01-16 03:15:43+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lftcut2wrd2f 2025-01-16 03:23:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113835886976210157 2025-01-16 03:48:43+00:00| seen|...

CVE-2025-22913

RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formStaDrvSetup function...

CVE-2025-22913

CVE-2025-22913 affects RE11S v1.11 (EDIMAX) with a stack overflow in the formStaDrvSetup function triggered via the rootAPmac parameter. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) indicates network access with high impact to confidentiality, integrity, and availability. Multiple so...

CVE-2025-22913

RE11S v1.11 was discovered to contain a stack overflow via the rootAPmac parameter in the formStaDrvSetup function...

CVE-2024-11950

CVE-2024-11950 affects XnSoft XnView Classic due to an integer underflow in RWZ file parsing. The flaw allows code execution via remote attacker control after user visits a malicious page or opens a malicious RWZ, with the issue arising from inadequate validation of input data and an underflow be...

CVE-2024-22913

creationtimestamp| type| source ---|---|--- 2024-01-19 19:26:51+00:00| seen| https://t.me/ctinow/170360 2024-01-25 19:16:39+00:00| seen| https://t.me/ctinow/173710 2024-02-15 14:51:24+00:00| seen| https://t.me/ctinow/185570...

CVE-2024-22913

SWFTools v0.9.2 is affected by a heap-buffer-overflow in the function swf5lex (lex.swf5.c:1321) that can lead to code execution. Multiple sources corroborate the flaw in SWFTools 0.9.2; attack vector is not described in detail in these documents, and no vendor patch is clearly documented within t...

CVE-2023-22913

creationtimestamp| type| source ---|---|--- 2023-04-24 20:19:39+00:00| seen| https://t.me/cibsecurity/62738...

CVE-2023-22913

A post-authentication command injection vulnerability in the “accountoperator.cgi” CGI program of Zyxel USG FLEX series firmware versions 4.50 through 5.35, and VPN series firmware versions 4.30 through 5.35, which could allow a remote authenticated attacker to modify device configuration data,...

CVE-2023-22913

CVE-2023-22913 describes a post-authentication command injection in Zyxel’s account_operator.cgi used by USG FLEX and VPN firmware: USG FLEX 4.50–5.35 and VPN 4.30–5.35. An authenticated attacker could inject commands to modify device configuration data, leading to DoS. The technical details in t...

CVE-2021-22913

creationtimestamp| type| source ---|---|--- 2021-06-11 20:43:04+00:00| seen| https://t.me/cibsecurity/25395...

CVE-2021-22913

Nextcloud Deck prior to 1.2.7 and 1.4.1 is affected by an information disclosure vulnerability where searches for sharees are sent to the lookup server by default instead of the local Nextcloud server, unless a global search is explicitly chosen. The underlying issue is that the search requests a...