16 matches found
PT-2025-30935 · Totolink · Totolink T6
Name of the Vulnerable Software and Affected Versions: TOTOLINK T6 version 4.1.5cu.748 B20211015 Description: A critical vulnerability exists in the MQTT Packet Handler component of the affected product. The vulnerability is due to a buffer overflow in the tcpcheck net function within the...
TOTOLINK T6 Security Vulnerability
TOTOLINK T6 is a wireless dual-band router from China's Gion Electronics TOTOLINK. A security vulnerability exists in TOTOLINK T6 version 4.1.5cu.748B20211015, which originates from a buffer overflow due to an incorrect operation of the parameter serverIp in the MQTT packet processing component i...
CVE-2025-7460
A vulnerability has been found in TOTOLINK T6 4.1.5cu.748B20211015 and classified as critical. Affected by this vulnerability is the function setWiFiAclRules of the file /cgi-bin/cstecgi.cgi of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow...
CVE-2023-24525
SAP CRM WebClient UI - versions WEBCUIF 748, 800, 801, S4FND 102, 103, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting XSS vulnerability. On successful exploitation an authenticated attacker can cause limited impact on confidentiality of the application...
SAP CRM Cross-Site Scripting Vulnerability
SAP CRM is a customer relationship management system from SAP, Germany. A cross-site scripting vulnerability exists in SAP CRM WebClient UI WEBCUIF version 748, version 800, version 801, S4FND version 102, version 103, which stems from not adequately encoding user input...
PT-2023-19673 · Sap · Sap Crm Webclient Ui
Name of the Vulnerable Software and Affected Versions: SAP CRM WebClient UI versions WEBCUIF 748, 800, 801, S4FND 102, 103 Description: The issue is related to insufficient encoding of user-controlled inputs, resulting in a Cross-Site Scripting XSS vulnerability. On successful exploitation, an...
CVE-2020-6256
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check...
SQL injection
The use of an admin backend report within SAP Master Data Governance, versions - S4CORE 101, S4FND 102, 103, 104, SAPBSFND 748; allows an attacker to execute crafted database queries, exposing the backend database, leading to SQL Injection...
Authorization
SAP Master Data Governance, versions - 748, 749, 750, 751, 752, 800, 801, 802, 803, 804, allows users to display change request details without having required authorizations, due to Missing Authorization Check...
Amazon Linux: Security Advisory (ALAS-2016-748)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux AMI : java-1.6.0-openjdk (ALAS-2016-748)
An insufficient bytecode verification flaw was discovered in the Hotspot component in OpenJDK. An untrusted Java application or applet could use this flaw to completely bypass Java sandbox restrictions. CVE-2016-3606 Multiple denial of service flaws were found in the JAXP component in OpenJDK. A...
Ubuntu USN-748-1 (openjdk-6)
The remote host is missing an update to openjdk-6 announced via advisory USN-748-1. OpenVAS Vulnerability Test $Id: ubuntu7481.nasl 7969 2017-12-01 09:23:16Z santu $ Description: Auto-generated from advisory USN-748-1 openjdk-6 Authors: Thoma...
Ubuntu: Security Advisory (USN-748-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for perl FEDORA-2007-748
The remote host is missing an update for the SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...
CentOS 3 / 4 : php (CESA-2005:748)
Updated PHP packages that fix a security issue are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Web server. A bug was discovered in the PEAR XML-RP...
Debian DSA-748-1 : ruby1.8 - bad default value
A vulnerability has been discovered in ruby1.8 that could allow arbitrary command execution on a server running the ruby xmlrpc server. The old stable distribution woody did not include ruby1.8. This problem is fixed for the current stable distribution sarge in version 1.8.2-7sarge1. This problem...