17 matches found
CVE-2026-7460
creationtimestamp | type | source
---|---|---
2026-05-20 06:56:14+00:00 | seen | https://bsky.app/profile/cve.skyfleet.blue/post/3mmbd7drwum2c...
CVE-2025-7460
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...
CVE-2025-7460
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...
CVE-2025-7460
CVE-2025-7460 affects TOTOLINK T6 firmware 4.1.5cu.748_B20211015. The vulnerable component is the HTTP POST Request Handler at /cgi-bin/cstecgi.cgi, in the function setWiFiAclRules, where manipulating the argument mac leads to a buffer overflow. The issue can be exploited remotely and public expl...
CVE-2025-7460 TOTOLINK T6 HTTP POST Request cstecgi.cgi setWiFiAclRules buffer overflow
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748_B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...
CVE-2024-7460
creationtimestamp | type | source
---|---|---
2024-08-05 02:12:02+00:00 | seen | https://t.me/cvedetector/2415...
CVE-2020-7460
creationtimestamp | type | source
---|---|---
2020-09-19 20:38:57+00:00 | published-proof-of-concept | https://t.me/HackerOne/2743
2022-07-19 05:12:18+00:00 | published-proof-of-concept | https://t.me/CyberSecurityTechnologies/1687
2023-11-02 19:17:43+00:00 | seen | MISP/b1a587f7-cb46-4077-9078-896ce175b...
CVE-2020-7460
In FreeBSD 12.1-STABLE before r363918, 12.1-RELEASE before p8, 11.4-STABLE before r363919, 11.4-RELEASE before p2, and 11.3-RELEASE before p12, the sendmsg system call in the compat32 subsystem on 64-bit platforms has a time-of-check to time-of-use vulnerability allowing a malicious userspace...
CVE-2020-7460
The CVE-2020-7460 issue affects FreeBSD on 64-bit platforms where the 32-bit compat32 sendmsg path contains a TOCTOU vulnerability. A 32-bit or 64-bit process could trigger a malicious userspace program to modify control message headers after validation, enabling kernel-level impact. Affected ran...
CVE-2015-7460
CVE-2015-7460 describes a cross-site scripting (XSS) vulnerability in IBM Connections versions 3.0.1.1 and earlier, and 4.0, 4.5, and 5.0 before CR4. The issue allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Publicly provided connected documents confirm IBM...
CVE-2013-7460
CVE-2013-7460 is a vulnerability in McAfee Application Control (MAC) 6.1.0 for Linux and earlier that enables a write-protection and execution bypass. Authenticated users can change binaries that are part of the Application Control whitelist and allow execution of binaries under specific conditi...
CVE-2016-7460
The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and 6.0 before U2a and vRealize Automation 6.x before 6.2.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity...
CVE-2016-7460
CVE-2016-7460 refers to an XML External Entity (XXE) vulnerability in the Single Sign-On feature of VMware products. Affects vCenter Server 5.5 before U3e and 6.0 before U2a, and vRealize Automation 6.x before 6.2.5. A specially crafted XML document containing an external entity declaration and a...
VMware vCenter Server 5.5.x < 5.5u3e / 6.0.x < 6.0u2a Multiple XXE Vulnerabilities (VMSA-2016-0022)
The version of VMware vCenter Server installed on the remote host is 5.5.x prior to 5.5u3e or 6.0.x prior to 6.0u2a. It is, therefore, affected by multiple XML external entity (XXE) vulnerabilities:
- Multiple XML external entity (XXE) vulnerabilities exist in the Log Browser, the Distributed Switch...
yourtango.com XSS vulnerability
Vulnerable URL: http://www.yourtango.com/content/search?searchapiaggregation1=%22%3E%3Csvg%2Fonload%3Dprompt%28%2Fxssposed%2F%29%3E

Details:

Description | Value
---|---
Patched: | No
Latest check for patch: | 26.07.2017
Vulnerability type: | XSS
Vulnerability status: | Publicly disclosed
Alexa Rank | ...
CVE-2014-7460
The CVE-2014-7460 entry concerns the Android app Slots Heaven:FREE Slot Machine (com.twelvegigs.heaven.slots) 1.123, which does not verify X.509 certificates when connecting to SSL servers. The underlying vulnerability is improper certificate validation, allowing MITM attackers to spoof servers a...
SuSE 10 Security Update : firefox3-pango (ZYPP Patch Number 7460)
The following bug has been fixed:
- Specially crafted font files could cause a heap corruption in applications linked against pango. (CVE-2011-0020)