517 matches found
PT-2023-5732 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the SetParentsControlInfo function when handling the Mac parameter. This allows attackers to cause a Denial of Service (DoS) via crafted input. The...
PT-2023-5729 · D Link · D-Link Dir-823G
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05 Description: The issue is related to a buffer overflow in the SetWLanRadioSettings function when handling the GuardInt parameter. This allows attackers to cause a Denial of Service (DoS) via a crafted input...
PT-2023-27999 · Unknown · Zoo Management System
Name of the Vulnerable Software and Affected Versions: Zoo Management System version 1.0 Description: A stored cross-site scripting (XSS) vulnerability in the Add Animal Details function allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description of...
PT-2023-27674 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version 1.0BR V15.03.05.16 Description: The issue concerns a Buffer Overflow that can be triggered via the function sub_7D858. Recommendations: For version 1.0BR V15.03.05.16, as a temporary workaround, consider disabling the sub...
PT-2023-27665 · Tenda · Tenda Ac6
Name of the Vulnerable Software and Affected Versions: Tenda AC6 version US AC6V1.0BR V15.03.05.16 multi TD01.bin Description: The issue concerns a command execution vulnerability in the sub_ADF3C function. This vulnerability is exploited through the formSetIptv function, which obtains the list a...
PT-2023-8675 · Zbar +5 · Zbar +5
Name of the Vulnerable Software and Affected Versions: ZBar version 0.23.90 Description: A heap-based buffer overflow exists in the qr_reader_match_centers function. Specially crafted QR codes may lead to information disclosure and/or arbitrary code execution. To trigger this issue, an attacker c...
PT-2023-27640 · Phicomm · Phicomm K2
Name of the Vulnerable Software and Affected Versions: Phicomm k2 version 22.6.529.216 Description: The Phicomm k2 router contains a command injection vulnerability via the luci.sys.call function. This issue allows for remote command execution. Recommendations: For Phicomm k2 version 22.6.529.216...
PT-2023-25476 · Skalenetwork · Skalenetwork Sgxwallet
Name of the Vulnerable Software and Affected Versions: skalenetwork sgxwallet version 1.9.0 Description: The issue allows an attacker to cause a denial of service via the trustedBlsSignMessage function. This is a Buffer Overflow vulnerability. Recommendations: For skalenetwork sgxwallet version...
PT-2023-5195 · Gnu +4 · Binutils +4
Name of the Vulnerable Software and Affected Versions: Binutils versions prior to 2.39.3 Description: The issue is related to the compare_symbols function in objdump.c and is caused by incorrect clearing or release of resources. This can be exploited by an attacker to cause a denial of service or...
PT-2023-29100 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version EN V9.3.5u.6146 B20201023 Description: A critical issue was found, affecting the setDiagnosisCfg function, which leads to OS command injection. This can be initiated remotely. Recommendations: For TOTOLINK EX1200L...
PT-2023-4624 · Totolink · Totolink Ex1200T
Name of the Vulnerable Software and Affected Versions: TOTOLINK EX1200L version EN V9.3.5u.6146 B20201023 Description: A critical issue has been found, affecting the setTracerouteCfg function, which can lead to OS command injection. This can be exploited remotely. The issue is related to errors i...
PT-2023-26645 · Comfast · Comfast Cf-Xr11
Name of the Vulnerable Software and Affected Versions: COMFAST CF-XR11 version 2.7.2 Description: An issue in COMFAST CF-XR11 allows an attacker to execute arbitrary code via the protal_delete_picname parameter in the sub_41171C function at bin/webmgnt. Recommendations: For COMFAST CF-XR11 versio...
PT-2023-27113 · Icms · Icms
Name of the Vulnerable Software and Affected Versions: iCMS version 7.0.16 Description: The issue is related to a SQL injection vulnerability. It affects the bakupdata function, allowing for potential SQL injection attacks. Recommendations: For iCMS version 7.0.16, consider disabling the bakupdat...
PT-2023-26696 · Tenda · Tenda Fh1202
Name of the Vulnerable Software and Affected Versions: Tenda F1202 version 1.2.0.9 Tenda FH1202 version 1.2.0.9 Description: A stack overflow issue was discovered via the mit_ssid parameter in the formWrlsafeset function. This issue affects the specified versions of Tenda F1202 and FH1202...
PT-2023-26321 · Unknown · Y Project Ruoyi
Name of the Vulnerable Software and Affected Versions: y_project RuoYi versions up to 4.7.7 Description: A vulnerability has been found in the function uploadFilesPath of the component File Upload. The manipulation of the argument originalFilenames leads to cross-site scripting. The attack may be...
PT-2023-25799 · Microsoft · Chakracore
Name of the Vulnerable Software and Affected Versions: ChakraCore version cbb9b Description: A stack overflow issue was discovered in ChakraCore via the Js::ScopeSlots::IsDebuggerScopeSlotArray function. Recommendations: For ChakraCore version cbb9b, as a temporary workaround, consider disabling...
PT-2023-26098 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev381-g817a848f6-master Description: A segmentation violation was discovered in the gf_isom_remove_user_data function at /lib/libgpac.so. This issue affects the specified version of GPAC. Recommendations: For GPAC versio...
PT-2023-26097 · Gpac +1 · Gpac +1
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev381-g817a848f6-master Description: A segmentation violation was discovered in the gf_dump_vrml_sffield function at /lib/libgpac.so. This issue affects the specified version of GPAC. Recommendations: For GPAC version...
PT-2023-5384 · D Link · D-Link Dwl-6610Ap
Name of the Vulnerable Software and Affected Versions: D-LINK DWL-6610 version FW v 4.3.0.8B003C Description: The issue is related to a command injection vulnerability in the sub_2EF50 function. This vulnerability allows attackers to execute arbitrary commands via the manual-time-string parameter...
PT-2023-5078 · Milesight · Milesight Ur32L
Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...