CVE-2026-8227

creationtimestamp| type| source ---|---|--- 2026-05-10 07:37:09+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mliatcnc232o...

CVE-2026-8227 Wavlink NU516U1 adm.cgi wzdapMesh os command injection

A weakness has been identified in Wavlink NU516U1 240425. This issue affects the function wzdapMesh of the file /cgi-bin/adm.cgi. This manipulation causes os command injection. The attack may be initiated remotely. The exploit has been made available to the public and could be used for attacks. T...

Linux Distros Unpatched Vulnerability : CVE-2020-8227

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Missing sanitization of a server response in Nextcloud Desktop Client 2.6.4 for Linux allowed a malicious Nextcloud Server to store files outside of the dedicat...

CVE-2025-8227 yanyutao0402 ChanCMS getArticle deserialization

A vulnerability was found in yanyutao0402 ChanCMS up to 3.1.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /collect/getArticle. The manipulation of the argument taskUrl leads to deserialization. The attack can be launched remotely. The...

CVE-2019-8227

In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when creating profile action XML...

CVE-2024-8227

creationtimestamp| type| source ---|---|--- 2024-08-28 02:35:35+00:00| seen| https://t.me/cvedetector/4292...

CVE-2024-8227

CVE-2024-8227 affects Tenda O1 1.0.0.7(10648). The vulnerability lies in fromDhcpSetSer in /goform/DhcpSetSer, where manipulation of dhcpStartIp, dhcpEndIp, dhcpGw, dhcpMask, dhcpLeaseTime, dhcpDns1, and dhcpDns2 leads to a stack-based buffer overflow. It is exploitable remotely and the public ex...

CVE-2024-8227 Tenda O1 DhcpSetSer fromDhcpSetSer stack-based overflow

A vulnerability was found in Tenda O1 1.0.0.710648 and classified as critical. Affected by this issue is the function fromDhcpSetSer of the file /goform/DhcpSetSer. The manipulation of the argument dhcpStartIp/dhcpEndIp/dhcpGw/dhcpMask/dhcpLeaseTime/dhcpDns1/dhcpDns2 leads to stack-based buffer...

CGA-W4FW-9WM9-8227

Bulletin has no description...

CVE-2019-8227

creationtimestamp| type| source ---|---|--- 2024-02-04 16:16:23+00:00| seen| https://t.me/ctinow/178865...

CVE-2023-32956

Improper neutralization of special elements used in an OS command 'OS Command Injection' vulnerability in CGI component in Synology Router Manager SRM before 1.2.5-8227-6 and 1.3.1-9346-3 allows remote attackers to execute arbitrary code via unspecified vectors...

PT-2023-2773 · Synology · Synology Router Manager

Name of the Vulnerable Software and Affected Versions: Synology Router Manager versions prior to 1.2.5-8227-6 Synology Router Manager versions prior to 1.3.1-9346-3 Description: The issue is related to an OS command injection vulnerability in the CGI component of Synology Router Manager. This...

Synology Router Manager 操作系统命令注入漏洞

Synology Router Manager SRM is a software for configuring and managing Synology routers from Synology Inc. in China. An operating system command injection vulnerability exists in Synology Router Manager SRM before version 1.2.5-8227-6. A remote attacker can exploit this vulnerability to execute...

Synology Router Manager 注入漏洞

Synology Router Manager SRM is a software used to configure and manage Synology routers from China-based Synology Inc. An injection vulnerability exists in Synology Router Manager SRM versions prior to 1.2.5-8227-6, 1.3.1-9346-3, which stems from improper neutralization of special elements. An...

ChakraCore RCE Vulnerability

A remote code execution vulnerability exists in the way that the Chakra scripting engine handles objects in memory in Microsoft Edge, aka "Chakra Scripting Engine Memory Corruption Vulnerability." This affects Microsoft Edge, ChakraCore. This CVE ID is unique from CVE-2018-8227...

CVE-2020-8227

Nextcloud Desktop Client for Linux (2.6.4) is affected. The root cause is missing sanitization of a server response, which allows a malicious Nextcloud Server to store files outside the dedicated sync directory (directory traversal). Impact is potential leakage/exfiltration of files outside the s...

CVE-2019-8227

In Magento prior to 1.9.4.3 and Magento prior to 1.14.4.3, an authenticated user with limited administrative privileges can inject arbitrary JavaScript code via import / export functionality when creating profile action XML...

CVE-2019-8227

CVE-2019-8227 affects Magento prior to 1.9.4.3 and prior to 1.14.4.3. An authenticated user with limited administrative privileges can inject arbitrary JavaScript through the import/export profile action XML functionality. This is a cross-site scripting issue in the web interface, with exploitati...

CVE-2017-8227

creationtimestamp| type| source ---|---|--- 2019-07-04 00:30:55+00:00| seen| https://t.me/cibsecurity/5352...

Critical Flaws in Amcrest HDSeries Camera Allow Complete Takeover

Two critical severity bugs have been publicly disclosed that impact Amcrest HDSeries model IPM-721S cameras. Both vulnerabilities open the consumer-grade $50 Wi-Fi cameras to complete takeover by remote, unauthenticated attackers. Mandar Satam, senior security researcher at Synopsys, found the si...