PT-2023-8955 · Libde265 +4 · Libde265 +4
Name of the Vulnerable Software and Affected Versions: libde265 version 1.10.12 Description: The issue is related to a buffer overflow vulnerability in the slice_segment_header function within the slice.cc component of the libde265 video codec implementation. This vulnerability can be exploited b...
PT-2023-8943 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev566-g50c2ab06f-master Description: The issue is related to a stack overflow in the hevc_parse_vps_extension function, located in the media_tools/av_parsers.c file. This is caused by incorrect use of dynamic memory duri...
PT-2023-6821 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev605-gfc9e29089-master Description: The issue is related to a buffer overflow in the gf_isom_find_od_id_for_track function of the GPAC multimedia platform. This can lead to a denial of service. The vulnerable function i...
PT-2023-30050 · Cacti +2 · Cacti +2
Name of the Vulnerable Software and Affected Versions: Cacti version 1.2.25 Description: The issue allows a remote attacker to obtain sensitive information via the form_actions function in the managers.php file. Recommendations: For Cacti version 1.2.25, consider disabling the form_actions functi...
PT-2023-6448 · Tp Link · Tp-Link Tl-Wr886N
Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR886N version 7.0 3.0.14 Build 221115 Rel.56908n.bin Description: The issue is related to a stack overflow via the upgradeInfoRegister function, which can be exploited by a remote attacker to execute arbitrary code. This is due to...
PT-2023-30073 · Totolink · Totolink X2000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X2000R Gh version 1.0.0-B20230221.0948.web Description: A stack overflow issue was discovered via the function formWlSiteSurvey. This issue affects the specified version of the TOTOLINK X2000R Gh router. Recommendations: For TOTOLINK...
PT-2023-6447 · Tp Link · Tp-Link Tl-Wdr7660 +1
Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR886N version 7.0 3.0.14 Build 221115 Rel.56908n.bin TP-LINK TL-WDR7660 version 2.0.30 Description: The issue is related to a stack overflow via the deviceInfoRegister function, which can be exploited by a remote attacker to execu...
PT-2023-30021 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.652 B20230116 Description: A remote command execution issue was discovered, which can be exploited via the sub_411994 function. Recommendations: For TOTOLINK X6000R version 9.4.0cu.652 B20230116, consider...
PT-2023-30090 · Totolink · Totolink X2000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X2000R Gh version 1.0.0-B20230221.0948.web Description: A stack overflow issue was discovered in the function formTcpipSetup, which can be exploited. Recommendations: For version 1.0.0-B20230221.0948.web, as a temporary workaround,...
PT-2023-30016 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.652 B20230116 Description: A remote command execution issue was discovered via the sub_412688 function, allowing for potential exploitation. Recommendations: For TOTOLINK X6000R version 9.4.0cu.652 B20230116,...
PT-2023-30079 · Totolink · Totolink X2000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X2000R Gh version 1.0.0-B20230221.0948.web Description: A stack overflow issue was discovered in the function formSetLg. Recommendations: For version 1.0.0-B20230221.0948.web, as a temporary workaround, consider disabling the formSet...
PT-2023-29572 · Zzcms · Zzcms
Name of the Vulnerable Software and Affected Versions: zzzCMS version 2.1.9 Description: The issue allows a remote attacker to execute arbitrary code via a crafted file to the down_url function in the zzz.php file. This enables the attacker to potentially gain control over the system...
PT-2023-6593 · Tp Link · Tp-Link Tl-Wr886N
Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR886N version 7.0 3.0.14 Build 221115 Rel.56908n.bin Description: The issue is related to a stack overflow in the registerRequestHandle function, which can be exploited by a remote attacker to impact the integrity, availability, a...
PT-2023-6595 · Tp Link · Tp-Link Tl-Wr886N
Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR886N version 7.0 3.0.14 Build 221115 Rel.56908n.bin Description: The issue is related to a stack overflow in the getRegVeriRegister function of the TP-LINK TL-WR886N router's firmware, which can be exploited by a remote attacker ...
PT-2023-29538 · Prestashop · Creative Popup
Name of the Vulnerable Software and Affected Versions: Creative Popup versions up to 1.6.9 Description: A SQL injection issue exists in the Creative Popup module for PrestaShop, allowing a guest to perform SQL injection via the cp_download_popup function. Recommendations: For versions up to 1.6.9...
PT-2023-29703 · Torbot +1 · Torbot +1
Name of the Vulnerable Software and Affected Versions: Torbot versions prior to 4.0.0 Description: The issue concerns the torbot.modules.validators.validate_link function, which uses the python-validators URL validation regex. This regular expression has exponential complexity, allowing an attack...
PT-2023-25752 · Totolink · Totolink Cp300+
Name of the Vulnerable Software and Affected Versions: TOTOLINK CP300+ version 5.2cu.7594 B20200910 Description: A stack overflow issue was discovered via the pingIp parameter in the setDiagnosisCfg function. This allows for potential exploitation. Recommendations: For TOTOLINK CP300+ version...
PT-2023-29051 · D Link · Dlink Dph-400Se
Name of the Vulnerable Software and Affected Versions: DLINK DPH-400SE FRU version 2.2.15.8 Description: An issue in the software allows a remote attacker to escalate privileges via the User Modify function in the Maintenance/Access function component. Recommendations: For DLINK DPH-400SE FRU...
PT-2023-27700 · Unknown · Prixan Prixanconnect
Name of the Vulnerable Software and Affected Versions: Prixan prixanconnect versions up to v1.62 Description: The issue is related to a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts. This vulnerability allows for the injection of malicious SQL...
PT-2023-5765 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the SetWLanRadioSettings function via the TXPower parameter. This allows attackers to cause a Denial of Service (DoS) via a crafted input...