CVE-2026-8728

A security vulnerability has been detected in Open5GS up to 2.7.7. The impacted element is the function ogssbidiscoveryoptionparseplmnlist in the library /lib/sbi/conv.c of the component NRF. Such manipulation of the argument target-plmn-list leads to denial of service. The attack can be executed...

RPD:bmc-rpd (=1.1), aendter.jenkins.plugins:filesystem-list-parameter-plugin (>=0.0.1 <=0.0.6) +25511 more potentially affected by CVE-2026-22745 via org.springframework:spring-webmvc (>=1.2.1 <=5.3.4)

org.springframework:spring-webmvc MAVEN version =1.2.1, =0.0.1, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =1.1.0, =4.4.0.0, =0.0.12, =0.1.15 and more Source cves: CVE-2026-22745 Source advisory: OSV:GHSA-6P4F-WCWH-5VVM...

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

EUVD-2024-55539

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

CVE-2024-36058

The Send Basket functionality in Koha Library before 23.05.10 is susceptible to Time-Based SQL Injection because it fails to sanitize the POST parameter biblist in /cgi-bin/koha/opac-sendbasket.pl, allowing library users to read arbitrary data from the database...

CVE-2025-69765

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-69765

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formGetIptv function and the list parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-69765

CVE-2025-69765 concerns Tenda AX3 firmware 16.03.12.11. The issue is a stack overflow in the formGetIptv function related to the list parameter, causing memory corruption and enabling remote code execution. Documentation does not provide exploit specifics or in-the-wild details. No remediation or...

Tenda Ax3 安全漏洞

The Tenda Ax3 is a Wi-Fi 6 dual-band router with a gigabit port from the Chinese company Tenda. The Tenda Ax3 v16.03.12.11 version contains a security vulnerability. This vulnerability stems from a stack overflow issue in the formGetIptv function and the list parameter, which may lead to memory...

CVE-2019-25412

Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTPSERVERLIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the...

CVE-2026-2528

A vulnerability was identified in Wavlink WL-WN579A3 up to 20210219. Affected by this vulnerability is the function DeleteMaclist of the file /cgi-bin/wireless.cgi. The manipulation of the argument deletelist leads to command injection. Remote exploitation of the attack is possible. The exploit i...

CVE-2026-2000

A vulnerability was found in DCN DCME-320 up to 20260121. Impacted is the function applyconfig of the file /function/system/basic/bridgecfg.php of the component Web Management Backend. Performing a manipulation of the argument iplist results in command injection. The attack is possible to be...

DCN DCME-320 命令注入漏洞

DCN DCME-320 is an Internet exchange gateway router developed by China's DCN Technology Co., Ltd. Versions of DCN DCME-320 prior to 20260121 contained a command injection vulnerability. This vulnerability stemmed from incorrect operations with the parameter iplist in the function applyconfig with...

PT-2026-6684

Name of the Vulnerable Software and Affected Versions DCN DCME-320 versions up to 20260121 Description A flaw exists in the Web Management Backend component of DCN DCME-320. Specifically, manipulating the ip list argument within the apply config function of the /function/system/basic/bridge cfg.p...

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

CVE-2025-69762

Tenda AX3 firmware v16.03.12.11 contains a stack overflow in formSetIptv via the list parameter, which can cause memory corruption and enable remote code execution...

PT-2026-3774

Name of the Vulnerable Software and Affected Versions Tenda AX-1806 version 1.0.0.1 Description The Tenda AX-1806 wireless router contains a stack overflow in the deviceList parameter of the formSetWifiMacFilterCfg function. A crafted request can cause a Denial of Service DoS. The vulnerable...