D-Link DI-8100 缓冲区错误漏洞

The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer overflow vulnerability. This vulnerability stems from a function in the POST Parameter Handler component called...

D-Link DI-8100 缓冲区错误漏洞

The D-Link DI-8100 is a wireless broadband router designed for small and medium-sized network environments by D-Link Corporation. The D-Link DI-8100 version 16.07.26A1 contains a buffer overflow vulnerability. This vulnerability stems from the function tgglasp in the file/tggl.asp within the HTTP...

Prefect 授权问题漏洞

Prefect is a workflow orchestration tool developed by Prefect OpenSource, enabling developers to build, monitor data pipelines, and respond to changes in those pipelines. Prefect versions 3.6.13 and earlier have a vulnerability related to authorization. This vulnerability stems from an unknown...

Code-Projects BloodBank Managing System 访问控制错误漏洞

The Code-Projects BloodBank Managing System is an open-source blood bank management system developed by Code-Projects. Version 1.0 of the code-projects BloodBank Managing System contains a vulnerability related to access control. This vulnerability stems from an unlimited upload function in the...

GoBGP 数字错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a numerical error vulnerability. This vulnerability stemmed from an integer underflow in the function parseRibEntry within the file pkg/packet/mrt/mrt.go, allowi...

Calibre-Web Automated 授权问题漏洞

Calibre-Web Automated is a self-hosted digital library management tool developed by CrocodileStick’s individual developer. Versions of Calibre-Web Automated prior to 4.0.6 contained an authorization vulnerability. This vulnerability stemmed from an unknown feature in the Admin Endpoint component’...

GoBGP 缓冲区错误漏洞

GoBGP is an open-source implementation of the Border Gateway Protocol BGP developed by osrg. Versions of GoBGP prior to 4.3.0 contained a buffer error vulnerability. This vulnerability stems from a buffer overflow in the function PathAttributeAigp.DecodeFromBytes within the AIGP Attribute Parser...

Astra Linux – Vulnerability in libtirpc

In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that used libtirpc, as idle TCP connections were handled improperly. This could lead to an svcrun infinite loop without accepting new connections...

InnoShop 授权问题漏洞

InnoShop is an open-source e-commerce system based on Laravel 11, developed by InnoShop. Versions of InnoShop prior to 0.7.8 had authorization-related vulnerabilities. These vulnerabilities stemmed from improper authentication practices in the InstallServiceProvider::boot function found in the...

NextChat 访问控制错误漏洞

NextChat is an open-source project developed by NextChat for quickly deploying private ChatGPT web applications. Versions of NextChat 2.16.1 and earlier contained a access control vulnerability, which was caused by improper cross-domain policies in unknown functions in Next.js files. This...

NextChat 安全漏洞

NextChat is an open-source project developed by NextChat for quickly deploying private ChatGPT web applications. Versions of NextChat 2.16.1 and earlier contained a security vulnerability. This vulnerability stemmed from the improper authorization in the addMcpServer function within the...

TRENDnet TEW-821DAP 数据伪造问题漏洞

TRENDnet TEW-821DAP is a wireless access point from the company TRENDnet. Versions of TRENDnet TEW-821DAP prior to 1.12B01 contained a data falsification vulnerability. This vulnerability stems from insufficient validation of data authenticity in the platformdoupgradecameodev function within the...

The Ultimate Mathematical & AI Toolkit 路径遍历漏洞

The Ultimate Mathematical & AI Toolkit is a mathematical and AI toolkit developed by rUv. It supports sub-linear algorithms and consciousness exploration. Version 1.5.0 of the Ultimate Mathematical & AI Toolkit contains a path traversal vulnerability. This vulnerability stems from the exportstate...

AstrBot 安全漏洞

AstrBot is an open-source multi-platform LLM chatbot and development framework created by AstrBot. Versions of AstrBot 4.16.0 and earlier contain security vulnerabilities. These vulnerabilities stem from a hard-coded credential issue in the Dashboard component’s file...

MeTube 访问控制错误漏洞

MeTube is a self-hosted multi-site video download tool developed by Alex. Versions of MeTube prior to 2026.04.09 contained an access control vulnerability. This vulnerability stemmed from a cross-domain policy relaxation issue in the onprepare function of the app/main.py file in the CORS Policy...

CloudBase MCP 代码问题漏洞

CloudBase MCP is an open-source tool developed by Tencent CloudBase, serving as a bridge between AI programming tools and cloud deployment. Versions of CloudBase MCP 2.17.0 and earlier contain code vulnerabilities. These vulnerabilities stem from the openUrl function in the...

XXL-JOB 代码问题漏洞

XXL-JOB is a distributed task scheduling platform developed by Xuxue Li xuxueli. Versions of XXL-JOB 3.3.2 and earlier have code vulnerabilities. These vulnerabilities stem from operations on the parameter addressList in the function triggerJob of the trigger Endpoint. This operation allows for...

Processing-Claude MCP Bridge 路径遍历漏洞

Processing-Claude MCP Bridge is a bridge tool developed by Mariano, allowing for control of Processing applications via natural language. Processing-Claude MCP Bridge contains a path traversal vulnerability, which stems from the sketchname parameter in the processingserver.py file within the...

TOTOLINK N300RT 缓冲区错误漏洞

TOTOLINK N300RT is a wireless router from TOTOLINK Corporation that complies with the 802.11n standard. The TOTOLINK N300RT version 3.4.0-B20250430 contains a buffer error vulnerability. This vulnerability stems from a buffer overflow in the iscmdstringvalid function of the libapmib.so component,...

D-Link DIR-825M 缓冲区错误漏洞

The D-Link DIR-825M is a router produced by D-Link Corporation. Version 1.1.12 of the D-Link DIR-825M contains a buffer overflow vulnerability. This vulnerability arises from the parameter submit-url in the function sub414BA8 within the file /file/boafrm/formWanConfigSetup, which leads to a buffe...