CVE-2026-1460

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...

Zyxel DX3301-T0和Zyxel EX3301-T0 操作系统命令注入漏洞

Both the Zyxel DX3301-T0 and Zyxel EX3301-T0 are products of the Chinese company Zyxel. The Zyxel DX3301-T0 is a small wireless WiFi router. The Zyxel EX3301-T0 is a secure routing gateway. Both the Zyxel DX3301-T0 and Zyxel EX3301-T0, including versions 5.50ABVY.7.1C0 and earlier, have an...

CVE-2019-25341

iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash the application by manipulating input. Attackers can paste a specially crafted 98-character buffer into the Domain Name field to trigger an application crash...

CVE-2019-25341

iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash the application by manipulating input. Attackers can paste a specially crafted 98-character buffer into the Domain Name field to trigger an application crash...

CVE-2019-25341 iNetTools for iOS 8.20 - 'Whois' Denial of Service

iNetTools for iOS 8.20 contains a denial of service vulnerability in the Whois feature that allows attackers to crash the application by manipulating input. Attackers can paste a specially crafted 98-character buffer into the Domain Name field to trigger an application crash...

CVE-2026-2143

A security vulnerability has been detected in D-Link DIR-823X 250416. This issue affects some unknown processing of the file /goform/setddns of the component DDNS Service. The manipulation of the argument ddnsType/ddnsDomainName/ddnsUserName/ddnsPwd leads to os command injection. The attack is...

EUVD-2019-19378

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

PT-2026-5464

NetPCLinker 1.0.0.0 contains a buffer overflow vulnerability in the Clients Control Panel DNS/IP field that allows attackers to execute arbitrary shellcode. Attackers can craft a malicious payload in the DNS/IP input to overwrite SEH handlers and execute shellcode when adding a new client...

EUVD-2002-1833

Malware in sbrugna...

ZOHO ManageEngine ADAudit Denial of Service Vulnerability

ZOHO ManageEngine ADAudit is a window Active Directory real-time auditing system from ZOHO USA. The system is capable of monitoring or auditing critical resources such as domain controllers in a network in real time. A denial of service vulnerability exists in ZOHO ManageEngine ADAudit versions...

CVE-2018-19118

Zoho ManageEngine ADAudit before 5.1 build 5120 allows remote attackers to cause a denial of service stack-based buffer overflow via the 'Domain Name' field when adding a new domain...

CVE-2018-13252

Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...

CVE-2018-13252

Entrust Datacard Syntera CS 5.x has XSS via the name field of "Domain or Computer Name" in the login page...

DEBIAN-CVE-2010-1645

Cacti before 0.8.7f, as used in Red Hat High Performance Computing HPC Solution and other products, allows remote authenticated administrators to execute arbitrary commands via shell metacharacters in 1 the FQDN field of a Device or 2 the Vertical Label field of a Graph Template...