25058 matches found
EUVD-2026-10483
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in all versions up to, and including, 2.0.5. This is due to insufficient input sanitization and output escaping on form submission data displayed in the admin Form...
EUVD-2026-10482
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in all versions up to, and including, 2.0.5. This is due to insufficient input sanitization and output escaping on form submission data displayed in the admin Form...
CLSA-2026-1773161647 go-rpm-macros: Fix of CVE-2025-61726
CVE-2025-61726: fix denial of service due to excessive memory consumption when parsing a large form - version update to 1.25.6...
CVE-2026-2724 Unlimited Elements For Elementor <= 2.0.5 - Unauthenticated Stored Cross-Site Scripting via Form Entry Fields
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in all versions up to, and including, 2.0.5. This is due to insufficient input sanitization and output escaping on form submission data displayed in the admin Form...
CVE-2026-2724
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in all versions up to, and including, 2.0.5. This is due to insufficient input sanitization and output escaping on form submission data displayed in the admin Form...
CVE-2026-2724 Unlimited Elements For Elementor <= 2.0.5 - Unauthenticated Stored Cross-Site Scripting via Form Entry Fields
The Unlimited Elements for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the form entry fields in all versions up to, and including, 2.0.5. This is due to insufficient input sanitization and output escaping on form submission data displayed in the admin Form...
CVE-2026-2724
CVE-2026-2724 concerns the WordPress plugin Unlimited Elements for Elementor (vulnerable up to 2.0.5). The issue is stored cross-site scripting via form entry fields, caused by insufficient input sanitization and output escaping on form submissions displayed in the admin Form Entries Trash view. ...
golang: net/url: Memory exhaustion in query parameter parsing in net/url
A flaw was found in the net/url package in the Go standard library. The package does not enforce a limit on the number of unique query parameters it parses. A Go application using the net/http.Request.ParseForm method will try to process all parameters provided in the request. A specially crafted...
CVE-2026-3808
A vulnerability was detected in Tenda FH1202 1.2.0.14408. The affected element is the function formWebTypeLibrary of the file /goform/webtypelibrary. Performing a manipulation of the argument webSiteId results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is no...
CVE-2025-70238
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWANWizard52...
PT-2026-24408
Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A stack buffer overflow exists due to the handling of the nextPage parameter in the 'goform/formLanguageChange' component. This issue could allow for unexpected behavior. Recommendations At the moment,...
D-Link DIR-513 goform/formAdvFirewall File Buffer Overflow Vulnerability
D-Link DIR-513 is a wireless router product from China's AUO D-Link. A buffer overflow vulnerability exists in the D-Link DIR-513 v1.10 version. The vulnerability stems from the goform/formAdvFirewall component failing to properly validate the length and size of input data, which can be exploited...
PT-2026-24399
Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A stack buffer overflow condition exists in D-Link DIR-513 version 1.10. The issue is triggered by providing input to the curTime parameter within the ''/goform/formSetWizard1'' endpoint. This could allo...
CVE-2025-70246
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formVirtualServ...
CVE-2025-70251
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the webPage parameter to goform/formWlanGuestSetup...
编号撤回
“form” is a form state management program developed by TanStack. “R” is a statistical computing software provided by The R Foundation. This CVE number has been withdrawn...
CVE-2025-70244
Technical details beyond the brief description are not provided in the connected documents. Monitor for updates.
CVE-2025-70227
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the nextPage parameter to goform/formLanguageChange...
CVE-2025-70247
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formSetWizard1...
CVE-2025-70227
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the nextPage parameter to goform/formLanguageChange...