CVE-2023-36622

The websocket configuration endpoint of the Loxone Miniserver Go Gen.2 before 14.1.5.9 allows remote authenticated administrators to inject arbitrary OS commands via the timezone parameter...

CVE-2023-33669

Tenda AC8V4.0-V16.03.34.06 was discovered to contain a stack overflow via the timeZone parameter in the sub44db3c function...

CVE-2022-43259

Tenda AC15 V15.03.05.18 was discovered to contain a stack overflow via the timeZone parameter in the formfastsettingwifiset function...

CVE-2022-24163

Tenda AX3 v16.03.12.10CN was discovered to contain a stack overflow in the function fromSetSysTime. This vulnerability allows attackers to cause a Denial of Service DoS via the timeZone parameter...

CVE-2022-43102

Tenda AC23 V16.03.07.45cn was discovered to contain a stack overflow via the timeZone parameter in the fromSetSysTime function...

CVE-2022-43028

Tenda TX3 USTX3V1.0brV16.03.13.11multiTDE01 was discovered to contain a stack overflow via the timeZone parameter at /goform/SetSysTimeCfg...

CVE-2021-37354

Xerox Phaser 4622 v35.013.01.000 was discovered to contain a buffer overflow in the function sub3226AC via the TIMEZONE variable. This vulnerability allows attackers to cause a Denial of Service DoS via crafted overflow data...

CVE-2020-24032

tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set=OS command injection via shell metacharacters in a timezone...

CVE-2020-22079

Stack-based buffer overflow in Tenda AC-10U AC1200 Router USAC10UV1.0RTLV15.03.06.48multiTDE01 allows remote attackers to execute arbitrary code via the timeZone parameter to goform/SetSysTimeCfg...

CVE-2024-55063

Multiple Code Injection vulnerabilities in EasyVirt DC NetScope = 8.7.0 allows remote authenticated attackers to execute arbitrary code via the 1 lang parameter to /international/keyboard/options; the 2 keyboardlayout or 3 keyboardvariant parameter to /international/settings/keyboard; the 4...

MGASA-2025-0156 Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Better TLS connection support. CVE-2025-21587 Improve compiler transformations. CVE-2025-30691 Enhance Buffered Image handling. CVE-2025-30698 The updated timezone data are needed by the new Java packages...

Updated java-1.8.0-openjdk, java-11-openjdk, java-17-openjdk & java-latest-openjdk packages fix security vulnerabilities

Better TLS connection support. CVE-2025-21587 Improve compiler transformations. CVE-2025-30691 Enhance Buffered Image handling. CVE-2025-30698 The updated timezone data are needed by the new Java packages...

SUSE-SU-2025:1525-1 Security update for java-1_8_0-openjdk

This update for java-180-openjdk fixes the following issues: Update to version jdk8u452 icedtea-3.35.0 Security issues fixed: - CVE-2025-21587: unauthorized creation, deletion or modification of critical data through the JSSE component. bsc1241274 - CVE-2025-30691: unauthorized update, insert or...

perl-DateTime-TimeZone bug fix and enhancement update

An update is available for perl-DateTime-TimeZone. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

perl-DateTime-TimeZone bug fix and enhancement update

An update is available for perl-DateTime-TimeZone. This update affects Rocky Linux 8. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the...

Configure Audit Rules for Time Changes

The system time is essential for the normal running of services. The system time can be changed through synchronization with the time server and manual operations of administrators. The latter is prone to attacks because attackers can change the system time to invalidate some protection policies...

The vulnerability of the form_fast_setting_wifi_set() function (/goform/fast_setting_wifi_set) in the Tenda AC6 router’s microprogramming software allows a hacker to trigger a service failure.

The vulnerability of the formfastsettingwifiset function /goform/fastsettingwifiset in the Tenda AC6 router’s microprogramming software is related to buffer overflow in the stack when processing the timeZone parameter. Exploiting this vulnerability could allow a remote attacker to cause a service...

CVE-2025-3328

A vulnerability was found in Tenda AC1206 15.03.06.23. It has been classified as critical. Affected is the function formfastsettingwifiset of the file /goform/fastsettingwifiset. The manipulation of the argument ssid/timeZone leads to buffer overflow. It is possible to launch the attack remotely...

Tenda AC1206 缓冲区错误漏洞

Shenzhen Jixiang Tengda Technology Co., Ltd AC1206 is a high-performance wireless router designed for 200M and above broadband users. A buffer overflow vulnerability exists in the Shenzhen Jixiang Tengda Technology Company Limited AC1206. The vulnerability stems from the formfastsettingwifiset...

[SECURITY] [DLA 4105-1] tzdata new timezone database

------------------------------------------------------------------------- Debian LTS Advisory DLA-4105-1 [email protected] https://www.debian.org/lts/security/ Emilio Pozuelo Monfort April 01, 2025 https://wiki.debian.org/LTS -...