637 matches found
CVE-2023-27890
The Export User plugin through 2.0 for MyBB allows XSS during the process of an admin generating DSGVO data for a user, via the Custom User Title, Location, or Bio field. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2023-34941
A stored cross-site scripting XSS vulnerability in the urlFilterList function of Asus RT-N10LX Router v2.0.0.39 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the URL Keyword List text field. NOTE: This vulnerability only affects products that are no...
CVE-2021-28246
CA eHealth Performance Manager through 6.3.2.12 is affected by Privilege Escalation via a Dynamically Linked Shared Object Library. A regular user must create a malicious library in the writable RPATH, to be dynamically linked when the emtgtctl2 executable is run. The code in the library will be...
CVE-2019-9748
In tinysvcmdns through 2018-01-16, an mDNS server processing a crafted packet can perform arbitrary data read operations up to 16383 bytes from the start of the buffer. This can lead to a segmentation fault in uncompressnlabel in mdns.c and a crash of the server depending on the memory protection...
PT-2025-21828 · D Link · D-Link Dap-2695
Name of the Vulnerable Software and Affected Versions: D-Link DAP-2695 version 120b36r137 ALL en 20210528 Description: A vulnerability was found in the ARP Spoofing Prevention Page component, specifically in the file /adv arpspoofing.php. The manipulation of the harp mac argument leads to...
RUSTSEC-2025-0036 surf is unmaintained
The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...
surf is unmaintained
The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...
PT-2025-21911 · Crates.Io · Surf
The developer has indicated that the crate is unmaintained. The last release is over three years old from 2021, the crate depends on the deprecated async-std crate and on a very old version of rustls for TLS support. Possible alternatives - reqwest - ureq...
CVE-2025-4451 D-Link DIR-619L formSetWAN_Wizard52 buffer overflow
A vulnerability has been found in D-Link DIR-619L 2.04B04 and classified as critical. Affected by this vulnerability is the function formSetWANWizard52. The manipulation of the argument curTime leads to buffer overflow. The attack can be launched remotely. The vendor was contacted early about thi...
fast_id_map has a soundness issue and is unmaintained
FastMap::get lacks sufficient checks to its parameter index and is used to unsafely get a Vec element. fastidmap is unmaintained...
GHSA-4H96-MV53-2C86 fast_id_map has a soundness issue and is unmaintained
FastMap::get lacks sufficient checks to its parameter index and is used to unsafely get a Vec element. fastidmap is unmaintained...
PT-2025-20400 · Crates.Io · Fast Id Map
FastMap::get lacks sufficient checks to its parameter index and is used to unsafely get a Vec element. fast id map is unmaintained...
RUSTSEC-2025-0034 soundness issue and unmaintained
FastMap::get lacks sufficient checks to its parameter index and is used to unsafely get a Vec element. fastidmap is unmaintained...
soundness issue and unmaintained
FastMap::get lacks sufficient checks to its parameter index and is used to unsafely get a Vec element. fastidmap is unmaintained...
soundness issue and unmaintained
shaman::cryptoutil::writeu64vle and other functions mentioned above cannot garantee memory safety of getunchecked later if both length are zero. shaman is unmaintained...
soundness issue and unmaintained
wrenrust::macros::defaultrealloc lacks sufficient checks to it pointer parameter which passed into free and realloc wrenrust is unmaintained...
RUSTSEC-2025-0064 soundness issue and unmaintained
wrenrust::macros::defaultrealloc lacks sufficient checks to it pointer parameter which passed into free and realloc wrenrust is unmaintained...
RUSTSEC-2025-0113 soundness issue and unmaintained
shaman::cryptoutil::writeu64vle and other functions mentioned above cannot garantee memory safety of getunchecked later if both length are zero. shaman is unmaintained...
CVE-2025-4348 D-Link DIR-600L formSetWanL2TP buffer overflow
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects products that are ...
CVE-2025-4342 D-Link DIR-600L formEasySetupWizard3 buffer overflow
A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects...