517 matches found
PT-2024-7148 · D Link · D-Link Dir-820L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-820L version 1.05B03 Description: The issue is a stack overflow vulnerability located in the sub_451208 function. This vulnerability can be exploited by a remote attacker to impact the confidentiality, integrity, and availability o...
PT-2024-7129 · D Link · D-Link Dir-619L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L B1 version 2.06 Description: A critical vulnerability was found in the function formDeviceReboot of the file /goform/formDeviceReboot. The manipulation of the argument next_page leads to a buffer overflow, allowing a remote...
PT-2024-7127 · D Link · D-Link Dir-619L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-619L version 2.06 Description: A critical issue is found in the function formEasySetPassword of the file /goform/formEasySetPassword, where the manipulation of the curTime argument leads to a buffer overflow. This can be exploited...
PT-2024-39693 · Unknown · Esafenet Cdg V5
Name of the Vulnerable Software and Affected Versions: ESAFENET CDG V5 Description: A critical issue has been found in ESAFENET CDG V5, affecting the function delCatelogs of the file /CDGServer3/document/Catelogs;logindojojs?command=DelCatelogs. The manipulation of the argument id leads to SQL...
PT-2024-7098 · D Link · Dir-605L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: A critical issue has been found in the function formWlanSetup_Wizard of the file /goform/formWlanSetup_Wizard. The manipulation of the argument webpage leads to buffer overflow. This issue...
PT-2024-7468 · D Link · Dir-605L
Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: A critical vulnerability has been found in the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to buffer overflow. The attack can...
PT-2024-31823 · Bandisoft · Bandiview
Name of the Vulnerable Software and Affected Versions: Bandisoft BandiView version 7.05 Description: The issue is related to incorrect access control via the sub_0x232bd8 function, resulting in a denial of service (DoS). Recommendations: For Bandisoft BandiView version 7.05, consider disabling the...
PT-2024-31938 · Cute Png · Cute Png
Name of the Vulnerable Software and Affected Versions: cute_png version 1.05 Description: The issue is related to a stack overflow in the cp_dynamic function located at cute_png.h. Recommendations: For cute_png version 1.05, consider disabling the cp_dynamic function as a temporary workaround unt...
PT-2024-9598 · Tenda · Tenda G3
Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0 v15.11.0.20 Description: The issue is related to the formSetUSBPartitionUmount function of the Tenda G3 wireless access point's firmware, which fails to neutralize special elements when processing the usbPartitionName...
PT-2024-39538 · Unknown · Kalvingit Kvf-Admin
Name of the Vulnerable Software and Affected Versions: kalvinGit kvf-admin up to f12a94dc1ebb7d1c51ee978a85e4c7ed75c620ff Description: A critical issue has been found in the fileUpload function of the FileUploadKit.java file, allowing for unrestricted upload by manipulating the file argument. Thi...
PT-2024-7348 · Tenda · Tenda Routers G3
Name of the Vulnerable Software and Affected Versions: Tenda G3 Router firmware version 15.03.05.05 Description: The issue is related to a remote code execution vulnerability in the Tenda G3 Router firmware. This vulnerability can be exploited via the usbPartitionName parameter in the...
PT-2024-38918 · WordPress +1 · Bookings Subscription Listings Compatible +1
Name of the Vulnerable Software and Affected Versions: WCFM – Frontend Manager for WooCommerce versions up to, and including, 6.7.12 Description: The issue is related to Insecure Direct Object Reference, which affects the WCFM – Frontend Manager for WooCommerce along with the Bookings Subscriptio...
PT-2024-39424 · Sourcecodester · Sourcecodester Loan Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Modern Loan Management System version 1.0 Description: A critical issue has been found, allowing for SQL injection through the manipulation of the searchMember argument in the file search_member.php. This can be exploited...
PT-2024-30853 · Unknown · Firsh Justified Image Grid
Name of the Vulnerable Software and Affected Versions: Firsh Justified Image Grid versions through 4.6.1 Description: A Server-Side Request Forgery (SSRF) issue affects Firsh Justified Image Grid. Recommendations: For versions through 4.6.1, consider...
PT-2024-37303 · Langchain Ai · Langchain
Name of the Vulnerable Software and Affected Versions: langchain-ai/langchain versions prior to 0.2.4 Description: A vulnerability in the FAISS.deserialize_from_bytes function allows for pickle deserialization of untrusted data, which can lead to the execution of arbitrary commands via the...
PT-2024-31993 · Totolink · Totolink Ac1200 T8
Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 T8 version 4.1.5cu.861_B20230220 Description: The issue is a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. This vulnerability can be exploited, but details about the estimated number of...
PT-2024-39189 · Sourcecodester · Sourcecodester Best House Rental Management System
Name of the Vulnerable Software and Affected Versions: SourceCodester Best House Rental Management System version 1.0 Description: A critical vulnerability has been found in the system. The issue affects the function delete_user/save_user of the file /admin_class.php. The manipulation of the...
PT-2024-21856 · Samsung · Exynos 1330 +8
Name of the Vulnerable Software and Affected Versions: Samsung Mobile Processor Exynos versions including Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930 Description: The issue is related to a lack of input validation check on a...
PT-2024-38804 · WordPress · Wp Extended
Name of the Vulnerable Software and Affected Versions: WP Extended plugin for WordPress versions up to, and including, 3.0.8 Description: The issue allows authenticated attackers, with subscriber access and above, to read the contents of arbitrary files on the server, which can contain sensitive...
PT-2024-38990 · Linksys · Linksys Wrt54G
Name of the Vulnerable Software and Affected Versions: Linksys WRT54G version 4.21.5 Description: A critical issue affects the function validate_services_port of the file /apply.cgi in the component POST Parameter Handler. The manipulation of the argument services_array leads to a stack-based...