59 matches found

Positive Technologies
added 2024/03/18 12:0 a.m. · 3 views

PT-2024-2494 · Tenda · Tenda Ac7

Name of the Vulnerable Software and Affected Versions: Tenda AC7 version 15.03.06.44
Description: A critical issue was found in the saveParentControlInfo function of the /goform/saveParentControlInfo file, which is related to a stack-based buffer overflow. This can be exploited remotely by...

CVSS 9 · AI score 8.9 · EPSS 0.0045
Exploits 1 · References 7
Positive Technologies
added 2024/03/17 12:0 a.m. · 3 views

PT-2024-21039 · 74Cms · 74Cms

Name of the Vulnerable Software and Affected Versions: 74CMS version 3.28.0
Description: A critical issue has been found in the function sendCompanyLogo of the file /controller/company/Index.phpsendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads...

CVSS 8.8 · AI score 6.6 · EPSS 0.19529
Exploits 1 · References 6
Positive Technologies
added 2024/03/16 12:0 a.m. · 2 views

PT-2024-2386 · Tenda · Tenda Ac15

Name of the Vulnerable Software and Affected Versions: Tenda AC15 versions 15.03.05.18 through 15.03.20 multi
Description: The issue is related to the function formSetSambaConf at the /goform/setsambacfg endpoint, where the usbName parameter is not properly sanitized, leading to OS command...

CVSS 9.8 · AI score 7.2 · EPSS 0.0141
Exploits 1 · References 7
Positive Technologies
added 2024/03/13 12:0 a.m. · 2 views

PT-2024-2265 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05
Description: A critical issue affects the formSetDeviceName function of the /goform/SetOnlineDevName file, leading to a stack-based buffer overflow when the devName or mac argument is manipulated. This can be...

CVSS 9 · AI score 9 · EPSS 0.00136
Exploits 1 · References 8
Positive Technologies
added 2024/03/06 12:0 a.m. · 2 views

PT-2024-3377 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.8-rc7
Description: The issue is related to a double-free vulnerability in the ns update nuse function, which can lead to a denial of service. When nvme identify ns fails, it frees the pointer to the struct nvm...

CVSS 9.1 · AI score 6.5 · EPSS 0.00407
Exploits 0 · References 657
Positive Technologies
added 2024/03/05 12:0 a.m. · 2 views

PT-2024-2266 · Tenda · Tenda Ac18

Name of the Vulnerable Software and Affected Versions: Tenda AC18 version 15.03.05.05
Description: A critical vulnerability was found in the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the arguments schedStartTime and schedEndTime leads to a stack-based buffer...

CVSS 9 · AI score 8.8 · EPSS 0.00243
Exploits 1 · References 8
Positive Technologies
added 2024/02/20 12:0 a.m. · 3 views

PT-2024-13669 · Projeqtor · Projeqtor

Name of the Vulnerable Software and Affected Versions: ProjeQtOr version 11.0.2
Description: A Cross Site Scripting (XSS) issue allows a remote attacker to execute arbitrary code via a crafted script to the checkvalidHtmlText function in the ack.php and security.php files. This enables the attacker...

CVSS 6.1 · AI score 6.8 · EPSS 0.00145
Exploits 1 · References 4
Positive Technologies
added 2024/02/05 12:0 a.m. · 3 views

PT-2024-6391 · Gpac +2 · Gpac +2

Name of the Vulnerable Software and Affected Versions: GPAC version 2.2.1
Description: The issue is related to a Use-After-Free (UAF) vulnerability in the dasher configure pid function. This vulnerability can be exploited by a remote attacker to cause a denial of service. The dasher configure pid...

CVSS 7.8 · AI score 6.8 · EPSS 0.00381
Exploits 3 · References 15
Positive Technologies
added 2024/02/05 12:0 a.m. · 2 views

PT-2024-20329 · Unknown · Mediaserver

Name of the Vulnerable Software and Affected Versions: media-server version 1.0.0
Description: The issue is related to a Use-After-Free (UAF) vulnerability. This vulnerability occurs when the sip subscribe remove function is used. The UAF vulnerability is a type of memory corruption bug that can...

CVSS 7.5 · AI score 7.6 · EPSS 0.00142
Exploits 1 · References 7
Positive Technologies
added 2024/01/27 12:0 a.m. · 2 views

PT-2024-15940 · Unknown · Flink-Extended Ai-Flow +1

Name of the Vulnerable Software and Affected Versions: flink-extended ai-flow version 0.3.1
Description: A critical issue has been found, affecting the function cloudpickle.loads of the file ai flowclicommandsworkflow command.py. This issue leads to deserialization and can be exploited remotely...

CVSS 9.8 · AI score 7 · EPSS 0.0008
Exploits 0 · References 11
Positive Technologies
added 2023/12/11 12:0 a.m. · 2 views

PT-2023-31215 · Totolink · Totolink A7000R

Name of the Vulnerable Software and Affected Versions: TOTOLink A7000R version 9.1.0u.6115 B20201022
Description: The issue is a stack overflow vulnerability. It can be exploited via the setIpPortFilterRules function.
Recommendations: For TOTOLink A7000R version 9.1.0u.6115 B20201022, as a...

CVSS 9.8 · AI score 9.5 · EPSS 0.00121
Exploits 1 · References 3
Positive Technologies
added 2023/11/18 12:0 a.m. · 4 views

PT-2023-8889 · D Link · D-Link Dir-882

Name of the Vulnerable Software and Affected Versions: D-Link DIR-882 version DIR882A1 FW130B06
Description: The issue is caused by a stack overflow in the sub 477AA0 function of the D-Link DIR-882 router's firmware. This can allow a remote attacker to cause a denial of service or execute arbitra...

CVSS 9.8 · AI score 9.6 · EPSS 0.05639
Exploits 1 · References 7
Positive Technologies
added 2023/10/23 12:0 a.m. · 2 views

PT-2023-6593 · Tp Link · Tp-Link Tl-Wr886N

Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR886N version 7.0 3.0.14 Build 221115 Rel.56908n.bin
Description: The issue is related to a stack overflow in the registerRequestHandle function, which can be exploited by a remote attacker to impact the integrity, availability, a...

CVSS 9.8 · AI score 8 · EPSS 0.00282
Exploits 1 · References 8
Positive Technologies
added 2023/10/05 12:0 a.m. · 2 views

PT-2023-27700 · Unknown · Prixan Prixanconnect

Name of the Vulnerable Software and Affected Versions: Prixan prixanconnect versions up to v1.62
Description: The issue is related to a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::importProducts. This vulnerability allows for the injection of malicious SQL...

CVSS 9.8 · AI score 7.8 · EPSS 0.0007
Exploits 1 · References 7
Positive Technologies
added 2023/10/05 12:0 a.m. · 2 views

PT-2023-5765 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05
Description: The issue is related to a buffer overflow in the SetWLanRadioSettings function via the TXPower parameter. This allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.8 · AI score 7.5 · EPSS 0.0034
Exploits 1 · References 7
Positive Technologies
added 2023/10/02 12:0 a.m. · 2 views

PT-2023-5729 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05
Description: The issue is related to a buffer overflow in the SetWLanRadioSettings function when handling the GuardInt parameter. This allows attackers to cause a Denial of Service (DoS) via a crafted input...

CVSS 7.8 · AI score 7.5 · EPSS 0.0034
Exploits 1 · References 7
Positive Technologies
added 2023/10/02 12:0 a.m. · 4 views

PT-2023-5732 · D Link · D-Link Dir-823G

Name of the Vulnerable Software and Affected Versions: D-Link DIR-823G version A1V1.0.2B05
Description: The issue is related to a buffer overflow in the SetParentsControlInfo function when handling the Mac parameter. This allows attackers to cause a Denial of Service (DoS) via crafted input. The...

CVSS 7.8 · AI score 7.5 · EPSS 0.0034
Exploits 1 · References 7
Positive Technologies
added 2023/07/11 12:0 a.m. · 2 views

PT-2023-26097 · Gpac +1 · Gpac +1

Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev381-g817a848f6-master
Description: A segmentation violation was discovered in the gf dump vrml sffield function at /lib/libgpac.so. This issue affects the specified version of GPAC.
Recommendations: For GPAC version...

CVSS 5.5 · AI score 6.7 · EPSS 0.00058
Exploits 1 · References 13
Positive Technologies
added 2023/07/06 12:0 a.m. · 2 views

PT-2023-5078 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5
Description: Multiple buffer overflow vulnerabilities exist in the vtysh ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...

CVSS 8.3 · AI score 7.5 · EPSS 0.00291
Exploits 1 · References 6
Positive Technologies
added 2023/07/06 12:0 a.m. · 3 views

PT-2023-5085 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5
Description: The issue is caused by a buffer overflow vulnerability in the handle interface acl function of the vtysh ubus binary, due to the use of an unsafe sprintf pattern. This can be triggered by a...

CVSS 8.3 · AI score 7.3 · EPSS 0.00291
Exploits 1 · References 6