404 matches found
CVE-2025-11785 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. In the 'ShowMeterPasswords' function, there is an unlimited user input that is copied to a fixed-size buffer via 'sprintf'. The 'GetParametermeter' function retrieves the user input, which is directly incorporated...
CVE-2025-11782 Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50
Stack-based buffer overflow vulnerability in Circutor SGE-PLC1000/SGE-PLC50 v9.0.2. The 'ShowDownload' function uses “sprintf” to format a string that includes the user-controlled input of 'GetParametermeter' in the fixed-size buffer 'acStack4c' 64 bytes without checking the length. An attacker c...
PT-2025-48670
Name of the Vulnerable Software and Affected Versions Circutor SGE-PLC1000/SGE-PLC50 version 9.0.2 Description A stack-based buffer overflow exists due to insufficient input validation. The GetParametermeter function retrieves user-supplied input, specifically the meter parameter, and copies it...
kernel: i40e: add validation for ring_len param
A flaw was identified in the Intel “i40e” Ethernet driver in the Linux Kernel where the ringlen parameter supplied by a VF virtual function is passed unchecked to the hardware memory context. If a malicious Virtual function provides a too-large or misaligned ringlen, it may allow the device to...
Fortinet FortiExtender 安全漏洞
Fortinet FortiExtender is a wireless WAN wide area network extender device from Fortinet. The Fortinet FortiExtender suffers from a buffer overflow vulnerability that originates from buffer copying without checking the input size, which can be exploited by an attacker to cause an authenticated us...
HP Integrated Lights-Out Buffer Copy without Checking Size of Input (CVE-2021-29202)
"A local buffer overflow vulnerability was discovered in HPE Integrated Lights-Out 4 iLO 4 %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if description scriptid504415; scriptversion"1.1"; scriptsetattributeattribute:"pluginmodificationdate", value:"2025/11/13";...
Unchecked Input For Loop Condition
com.liferay.portal, com.liferay.portal.impl is vulnerable to unchecked input for loop condition. The vulnerability is due to improper validation of input data in XML-RPC requests, which allows an attacker to perform a denial-of-service DoS attack by sending a crafted XML-RPC request...
CVE-2025-12142
CVE-2025-12142 affects ABB Terra AC wallbox (versions up to 1.8.33). The issue is a classic buffer overflow (buffer copy without checking input size). According to connected sources, processing crafted input may lead to code execution or firmware behavior alteration. Remediation referenced across...
ABB Terra AC wallbox 安全漏洞
The ABB Terra AC wallbox is ABB's superior EV home charger, offering high value quality, future-proof flexibility, and advanced security and protection. A security vulnerability exists in ABB Terra AC wallbox version 1.8.33 and earlier, which originates from buffer copying without checking the...
CVE-2025-8483
The The Discussion Board – WordPress Forum Plugin plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 2.5.5. This is due to the software allowing users to execute an action that does not properly validate a value before running doshortcode. Th...
Juniper Networks Junos OS SRX和Juniper Networks Junos OS MX 安全漏洞
Juniper Networks Junos OS is a Juniper Networks USA network operating system dedicated to the company's hardware devices. The operating system provides a secure programming interface and the Junos SDK. A security vulnerability exists in Juniper Networks Junos OS on SRX Series and MX Series versio...
WordPress plugin Find Me On 安全漏洞
WordPress Find Me On plugin is a downgraded plugin that is mainly used to add social media link portals to your website. WordPress Find Me On plugin suffers from a SQL injection vulnerability that stems from the application's lack of validation of externally entered SQL statements. The...
SUSE CVE-2025-59731
When decoding an OpenEXR file that uses DWAA or DWAB compression, the specified raw length of run-length-encoded data is not checked when using it to calculate the output data. We read rlerawsize from the input file at 0, we decompress and decode into the buffer td-rlerawdata of size rlerawsize a...
EUVD-2024-47635
Malicious code in bioql PyPI...
EUVD-2023-26572
Malicious code in bioql PyPI...
EUVD-2025-13674
Malicious code in bioql PyPI...
EUVD-2023-54128
Malicious code in bioql PyPI...
EUVD-2023-58962
Malicious code in bioql PyPI...
EUVD-2023-12458
Malicious code in bioql PyPI...
CVE-2025-21481
CVE-2025-21481 is linked to memory corruption during private key encryption in a trusted application, specifically within the Adreno GPU DRM driver. The PT-2025-23797 entry describes a use-after-free condition in the Direct Rendering Manager (DRM) Driver of the Adreno GPU, affecting unspecified A...