CVE-2026-8836

A vulnerability was found in lwIP up to 2.2.1. Affected is the function snmpparseinboundframe of the file src/apps/snmp/snmpmsg.c of the component snmpv3 USM Handler. Performing a manipulation of the argument msgAuthenticationParameters results in stack-based buffer overflow. The attack may be...

Astra Linux - уязвимость в node-brace-expansion

A vulnerability was discovered in the juliangruber brace-expansion library, up to versions 1.1.11/2.0.1/3.0.0/4.0.0. This issue has been identified as problematic. The affected function is the “expand” function of the file index.js. Manipulation of this function leads to inefficient use of regula...

CVE-2023-50671

In exiftags 1.01, nikonprop1 in nikon.c has a heap-based buffer overflow write of size 28 because snprintf can write to an unexpected address...

PT-2025-35469

Name of the Vulnerable Software and Affected Versions: D-Link DI-7400G+ version 19.12.25A1 Description: A security flaw exists in the D-Link DI-7400G+ router. The issue is located in the sub 478D28 function of the /mng platform.asp file. Manipulation of the addr argument with the input echo 12345...

PT-2025-23912 · Unknown · Phpgurukul Complaint Management System

Name of the Vulnerable Software and Affected Versions: PHPGurukul Complaint Management System version 2.0 Description: A critical vulnerability was found in the PHPGurukul Complaint Management System. The issue affects an unknown function of the file /admin/between-date-complaintreport.php. The...

CVE-2024-7659

A vulnerability, which was classified as problematic, was found in projectsend up to r1605. Affected is the function generaterandomstring of the file includes/functions.php of the component Password Reset Token Handler. The manipulation leads to insufficiently random values. It is possible to...

CVE-2025-1209

A vulnerability classified as problematic has been found in code-projects Wazifa System 1.0. Affected is the function searchuser of the file /searchresualts.php. The manipulation of the argument firstname/lastname leads to cross site scripting. It is possible to launch the attack remotely. The...

PT-2024-17619 · Unknown · Code-Projects Online Class/Exam Scheduling System

Name of the Vulnerable Software and Affected Versions: code-projects Online Class and Exam Scheduling System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /pages/rank update.php. The manipulation of the id argument leads to SQL...

DRIVE.NET, Inc.: [www.drive2.ru] Insufficient Security Configurability - Email notification is not being sent while changing passwords

Email notification was not sent while changing passwords. This issue was fixed. Best Practices As recommended practices, Due to missing notification email when changing password, If the password has been maliciously changed, the user will not be able to notice it, so immediate security measures...