PT-2024-38922 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: FeehiCMS versions up to 2.1.1 Description: A critical issue has been found in FeehiCMS, affecting the createBanner function of the file /admin/index.php?r=banner%2Fbanner-create. The manipulation of the argument BannerFormimg leads to...
PT-2024-6436 · Tenda · Tenda O1
Name of the Vulnerable Software and Affected Versions: Tenda O1 version 1.0.0.710648 Description: A critical issue affects the fromDhcpSetSer function of the file /goform/DhcpSetSer, allowing a remote attacker to exploit a stack-based buffer overflow vulnerability. The manipulation of the argumen...
PT-2024-38882 · Unknown · Sourcecodester Music Gallery Site
Name of the Vulnerable Software and Affected Versions: SourceCodester Music Gallery Site version 1.0 Description: A critical vulnerability was found in SourceCodester Music Gallery Site. This issue affects unknown code of the file /classes/Master.php?f=delete category. The manipulation of the id...
PT-2024-31178 · Tenda · Tenda Ax1806
Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: The issue is a stack overflow that occurs via the iptv.city.vlan parameter in the setIptvInfo function. This allows for potential exploitation. No information is provided about the estimated number of...
PT-2024-31175 · Tenda · Tenda Ax1806
Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: The issue is a stack overflow that occurs via the iptv.city.vlan parameter in the formGetIptv function. This allows for potential exploitation. Recommendations: For Tenda AX1806 version 1.0.0.1, as a...
PT-2024-31179 · Tenda · Tenda Ax1806
Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: The issue is a stack overflow that occurs via the adv.iptv.stballvlans parameter in the setIptvInfo function. This allows for potential exploitation. No information is provided about the estimated...
PT-2024-38817 · D-Link · D-Link Dns-321 +16
Name of the Vulnerable Software and Affected Versions: D-Link DNS-120 up to 20240814; D-Link DNR-202L up to 20240814; D-Link DNS-315L up to 20240814; D-Link DNS-320 up to 20240814; D-Link DNS-320L up to 20240814; D-Link DNS-320LW up to 20240814; D-Link DNS-321 up to 20240814; D-Link DNR-322L up to...
PT-2024-31142 · Tenda · Tenda Fh1206
Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version V1.2.0.88155 EN Description: The issue is a Buffer Overflow vulnerability via the function fromSetIpBind. This vulnerability can lead to remote code execution (RCE). There is no information about the estimated number of...
PT-2024-31144 · Tenda · Tenda Fh1206
Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version V1.2.0.88155 EN Description: The issue is a Buffer Overflow vulnerability via the function formWrlsafeset. This vulnerability can be exploited, but details about real-world incidents are not provided. The estimated number...
PT-2024-38790 · Totolink · Totolink Ac1200 T8
Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 T8 version 4.1.5cu.862 B20230228 Description: A critical issue affects the setTracerouteCfg function, leading to a buffer overflow. This can be exploited remotely. The vendor was contacted about this issue but did not respond...
UBUNTU-CVE-2022-48894
In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3: Don't unregister on shutdown Similar to SMMUv2, this driver calls iommu_device_unregister from the shutdown path, which removes the IOMMU groups with no coordination whatsoever with their users - shutdown methods...
PT-2024-38681 · Sourcecodester · Yoga Class Registration System
Name of the Vulnerable Software and Affected Versions: SourceCodester Yoga Class Registration System version 1.0 Description: A problematic vulnerability has been found in the system, affecting an unknown function of the file /php-ycrs/classes/SystemSettings.php. The manipulation of the address...
PT-2024-6467 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 20230719 Description: A critical issue has been found in the TOTOLINK X6000R, affecting the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument rtLogServer leads to...
PT-2024-30237 · Tenda · Tenda Fh1206
Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version 02.03.01.35 Description: A stack overflow vulnerability was discovered in the fromPptpUserSetting function via the delno parameter. This issue allows attackers to cause a Denial of Service (DoS) via a crafted POST request t...
PT-2024-5845 · Tenda · Tenda Fh1201
Name of the Vulnerable Software and Affected Versions: Tenda FH1201 version 1.2.0.14 408 Description: The issue is related to a stack overflow vulnerability in the fromAddressNat function of the Tenda FH1201 router's firmware. This vulnerability can be exploited by sending a specially crafted POS...
PT-2024-7660 · Tenda · Tenda Fh1206
Name of the Vulnerable Software and Affected Versions: Tenda FH1206 version 02.03.01.35 Description: The issue is caused by a stack overflow in the fromNatlimit function via the page parameter. This allows attackers to cause a Denial of Service (DoS) via a crafted POST request to the affected API...
PT-2024-38272 · Unknown · Youdiancms
Name of the Vulnerable Software and Affected Versions: YouDianCMS version 7 Description: A critical issue has been found, affecting the curl exec function in the file /App/Core/Extend/Function/ydLib.php. The manipulation of the url argument leads to server-side request forgery. This issue can be...
PT-2024-5666 · Tenda · Tenda I22
Name of the Vulnerable Software and Affected Versions: Tenda i22 version 1.0.0.34687 Description: A critical issue was found in the formApPortalPhoneAuth function of the /goform/apPortalPhoneAuth file. The manipulation of the data argument leads to a buffer overflow. This can be exploited remotel...
PT-2024-28320 · Snapstate · Snapstate
Name of the Vulnerable Software and Affected Versions: snapstate version 0.0.9 Description: The issue is related to a prototype pollution vulnerability via the attemptNestedProperty function. This allows attackers to execute arbitrary code or cause a Denial of Service (DoS) by injecting arbitrary...
PT-2024-28322 · Ais · Ais-Ltd Strategyen
Name of the Vulnerable Software and Affected Versions: ais-ltd strategyen version 0.4.0 Description: The issue allows attackers to execute arbitrary code or cause a Denial of Service (DoS) via injecting arbitrary properties using the mergeObjects function. This is a result of prototype pollution...