CVE-2026-2329 Grandstream GXP1600 VoIP Phones - Unauthenticated stack buffer overflow

An unauthenticated stack-based buffer overflow vulnerability exists in the HTTP API endpoint /cgi-bin/api.values.get. A remote attacker can leverage this vulnerability to achieve unauthenticated remote code execution RCE with root privileges on a target device. The vulnerability affects all six...

CVE-2025-14186 Grandstream GXP1625 Network Status api.values.post cross site scripting

A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpnip results in basic cross site scripting. Remote exploitation of th...

CVE-2025-14186 Grandstream GXP1625 Network Status api.values.post cross site scripting

A security flaw has been discovered in Grandstream GXP1625 1.0.7.4. The impacted element is an unknown function of the file /cgi-bin/api.values.post of the component Network Status Page. Performing manipulation of the argument vpnip results in basic cross site scripting. Remote exploitation of th...

EUVD-2022-7702

Malicious code in bioql PyPI...

MESbook Information Disclosure Vulnerability

MESbook is a web-based system from MESbook Inc. connects to factory machines and converts data into information for real-time management. MESbook has an information disclosure vulnerability that can be exploited by a local attacker to access different resources by changing the application's API...