CVE-2018-25295

The CVE-2018-25295 entry concerns the ObserverIP Scan Tool version 1.4.0.1. The vulnerability is a denial-of-service flaw triggered by submitting an excessively long string in the IP input field, with demonstrations showing a 2000-byte buffer of repeated characters causing the application to cras...

PT-2026-35265

ObserverIP Scan Tool 1.4.0.1 contains a denial of service vulnerability that allows local attackers to crash the application by submitting an excessively long string in the IP input field. Attackers can paste a 2000-byte buffer of repeated characters into the IP field and trigger a search operati...

CVE-2019-25388

Smoothwall Express 3.1-SP4-polar-x8664-update9 contains a reflected cross-site scripting vulnerability that allows unauthenticated attackers to inject malicious scripts by submitting crafted input to the ipblock.cgi endpoint. Attackers can inject script tags through the SRCIP and COMMENT paramete...

MiracleLinux 7 : qemu-kvm-1.5.3-175.el7.1 (AXSA:2020-748:04)

The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2020-748:04 advisory. QEMU: usb: out-of-bounds r/w access issue while processing usb packets CVE-2020-14364 QEMU: slirp: use-after-free in ipreass function in ipinput.c...

VulnCheck KEV: CVE-2025-34037

An OS command injection vulnerability exists in various models of E-Series Linksys routers via the /tmUnblock.cgi and /hndUnblock.cgi endpoints over HTTP on port 8080. The CGI scripts improperly process user-supplied input passed to the ttcpip parameter without sanitization, allowing...

The vulnerability in the wiz_pptp.cgi script of the Netgear R8500, XR300, R7000P, and R6400 v2 router software allows a hacker to cause a service failure.

The vulnerability in the wizpptp.cgi script of Netgear router microprogramming devices such as R8500, XR300, R7000P, and R6400 v2 lies in the copying of buffers without checking the size of the input data during the processing of the pptpuserip parameter. Exploiting this vulnerability allows a...

F5 BIG-IP 输入验证错误漏洞

F5 BIG-IP is an application delivery platform from F5 USA that integrates network traffic management, application security management, load balancing, etc. F5 BIG-IP has an input validation error vulnerability that could be exploited by an attacker to cause a denial of service on the BIG-IP syste...

The vulnerability of the ip_reass function in the QEMU hardware infrastructure, which allows a perpetrator to trigger a service failure.

The vulnerability of the ipreass function in ipinput.c in the QEMU hardware infrastructure is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

The vulnerability of the ip_reass function in the ip_input.c file of the TCP-IP emulator library Libslirp allows a perpetrator to gain unauthorized access to information, cause service failures, or affect the accessibility of information.

The vulnerability of the ipreass function in the ipinput.c file of the Libslirp TCP-IP emulator’s library is related to the execution of operations within acceptable data buffer limits. Exploiting this vulnerability can allow an attacker to gain unauthorized access to information, cause service...

CVE-2019-15060

The traceroute function on the TP-Link TL-WR840N v4 router with firmware through 0.9.1 3.16 is vulnerable to remote code execution via a crafted payload in an IP address input field...