Edimax EW-7438RPn 安全漏洞

The Edimax EW-7438RPn is a wireless signal extender from the Taiwan, China-based Xunzhou Edimax Corporation. A security vulnerability exists in the Edimax EW-7438RPn version 1.31, which originates from the operation of the function formSDHCP in the file /goform/formSDHCP on the parameter...

Tenda i12 路径遍历漏洞

The Tenda i12 is a ceiling-mounted wireless access point produced by the Chinese company Tenda. The version Tenda i12 1.0.0.113862 contains a path traversal vulnerability. This vulnerability stems from a path traversal issue in the HTTP Handler component, which may lead to path traversal attacks...

CVE-2026-5604

A security flaw has been discovered in Tenda CH22 1.0.0.1. The impacted element is the function formCertLocalPrecreate of the file /goform/CertLocalPrecreate of the component Parameter Handler. Performing a manipulation of the argument standard results in stack-based buffer overflow. Remote...

CVE-2026-24111

An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addAuthUser function and processed by sscanf without size validation, it could lead to buffer overflow...

📄 Samsung QuramDng Malformed DNG TrimBounds Opcode Out‑Of‑Bounds Read

A vulnerability exists in the image decoding logic of Quram DNG parser within libimagecodec.quram.so. The flawed bounds validation in handling TrimBounds opcode triggers out-of-bounds reads on heap-allocated image buffers. This issue allows remote attackers to craft a malicious DNG payload, embed...

ABB B&R PCs

SUMMARY ABB became aware of vulnerability in the product versions listed as affected in the advisory. An update is now available that addresses and remediates the vulnerability. A network attacker could exploit the vulnerabilities to execute remote code, initiate DoS attacks, conduct DNS cache...

CVE-2020-7511

A CWE-327: Use of a Broken or Risky Cryptographic Algorithm vulnerability exists in Easergy T300 Firmware version 1.5.2 and older which could allow an attacker to acquire a password by brute force...

CVE-2022-4982

DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file inclusion vulnerability. The device's web server exposes handlers frame.html and frame.A100.html that accept a path parameter content or sidebar which is not properly validated or canonicalized. An attacker c...

PT-2025-44658

Name of the Vulnerable Software and Affected Versions Totolink A7000R version 9.1.0u.6115 B20201022 Description The software contains a stack overflow issue through the wifiOff parameter within the sub 421A04 function. A crafted request can trigger a Denial of Service DoS. Recommendations At the...

EUVD-2016-3416

Malware in sbrugna...

EUVD-2006-0381

Malware in sbrugna...

EUVD-2020-17884

Malware in sbrugna...

EUVD-2014-4647

Malware in sbrugna...

EUVD-2022-52940

Malicious code in bioql PyPI...

EUVD-2021-34029

Malicious code in bioql PyPI...

CVE-2025-9357 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 langSwitchByBBS stack-based overflow

A vulnerability was identified in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This affects the function langSwitchByBBS of the file /goform/langSwitchByBBS. The manipulation of the argument langSelectionOnly leads to stack-bas...

CVE-2025-55605

CVE-2025-55605 affects Tenda AX3 (V16.03.12.10_CN). A buffer overflow in saveParentControlInfo is triggered via the deviceName parameter, enabling potential denial of service. Public sources (CNVD/CNVD-related entries, Red Hat, NVD, CVE list, PT-Security) confirm the fault originates in saveParen...

CVE-2025-34129 LILIN DVR RCE via Malicious FTP/NTP Configuration

A command injection vulnerability exists in LILIN Digital Video Recorder DVR devices prior to firmware version 2.0b6020200207 due to insufficient sanitization of the FTP and NTP Server fields in the service configuration. An attacker with access to the configuration interface can upload a malicio...

CVE-2023-47565

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models running QVR Firmware 4.x. If exploited, the vulnerability could allow authenticated users to execute commands via a network. We have already fixed the vulnerability in the following versions: QVR Firmwar...

CVE-2023-38433

Fujitsu Real-time Video Transmission Gear "IP series" use hard-coded credentials, which may allow a remote unauthenticated attacker to initialize or reboot the products, and as a result, terminate the video transmission. Affected products and versions are as follows: IP-HE950E firmware versions...