120932 matches found
TOTOLINK A3300R cstecgi.cgi File Buffer Overflow Vulnerability
TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a buffer overflow vulnerability that originates from the parameter ip of the function setDmzCfg in the file...
TOTOLINK A3300R setOpModeCfg function stack buffer overflow vulnerability
TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a stack buffer overflow vulnerability that originates from the parameter opmode in the setOpModeCfg function in t...
Tenda CH22 fromSafeMacFilter function buffer overflow vulnerability
Tenda CH22 is a network device from Tenda, China. A buffer overflow vulnerability exists in the Tenda CH22 version 1.0.0.1, which originates from the failure of the fromSafeMacFilter function parameter page in the /goform/SafeMacFilter file to correctly validate the length of the input data, and...
Tenda CH22 fromSafeClientFilter function buffer overflow vulnerability
Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromSafeClientFilter in the file /goform/SafeClientFilter fails to correctly validate the length of the input data, a...
Tenda CH22 fromP2pListFilter function buffer overflow vulnerability
Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromP2pListFilter in the file /goform/P2pListFilter fails to correctly validate the length of the input data, and can...
TOTOLINK A3300R enable parameter buffer overflow vulnerability
The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A3300R version 17.0.0cu.557B20221024, which originates from the parameter enable in the file /cgi-bin/cstecgi.cgi that fails to correctly validate the length and siz...
Tenda CH22 fromVirtualSer function buffer overflow vulnerability
Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromVirtualSer in the file /goform/VirtualSer that fails to correctly validate the length of the input data, and can ...
CVE-2025-34277
Nagios Log Server versions prior to 2024R1.3.1 contain a code injection vulnerability where malformed dashboard ID values are not properly validated before being forwarded to an internal API. An attacker able to supply crafted dashboard ID values can cause the system to execute attacker-controlle...
CVE-2025-34277
Nagios Log Server versions prior to 2024R1.3.1 contain a code injection vulnerability where malformed dashboard ID values are not properly validated before being forwarded to an internal API. An attacker able to supply crafted dashboard ID values can cause the system to execute attacker-controlle...
CVE-2024-14005
Nagios XI versions prior to 2024R1.2 contain a command injection vulnerability in the Docker Wizard. Insufficient validation of user-supplied input in the wizard allows an authenticated administrator to inject shell metacharacters that are incorporated into backend command invocations. Successful...
CVE-2025-34284
CVE-2025-34284 affects Nagios XI versions before 2024R2, via the WinRM plugin. The issue arises from insufficient validation of user-supplied parameters in the WinRM plugin, allowing an authenticated administrator to inject shell metacharacters that are used in backend command invocations. Exploi...
[SECURITY] [DSA 6046-1] chromium security update
------------------------------------------------------------------------- Debian Security Advisory DSA-6046-1 [email protected] https://www.debian.org/security/ Andres Salomon October 30, 2025 https://www.debian.org/security/faq -...
CVE-2025-10921
A heap-based buffer-overflow in GIMP’s HDR RGBE file parsing CVE-2025-10921 / ZDI-25-910 allows an attacker to execute arbitrary code when a user opens or is tricked into previewing a malicious HDR file. The flaw is caused by missing length validation before copying user-supplied HDR data into a...
EUVD-2025-36899
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...
CVE-2025-62229
A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...
thunderbird: firefox: Memory safety bugs
A flaw was found in Thunderbird and Firefox. The Mozilla Foundation's Security Advisory describes the following issue: Memory safety bugs present in Firefox ESR 115.28, Firefox ESR 140.3, Thunderbird ESR 140.3, Firefox 143 and Thunderbird 143. Some of these bugs showed evidence of memory corrupti...
CVE-2025-60595
SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution...
Google Chrome Heap Buffer Overflow Vulnerability
Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a heap buffer overflow vulnerability that stems from a heap buffer overflow issue in the WebGPU component. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause denial of heap...
KLA89786 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, bypass security restrictions, execute arbitrary code. Below is a complete list of vulnerabilities: 1. Type Confusion vulnerability in V8 can be...
Nagios Log Server 安全漏洞
Nagios Log Server is a suite of centralized log management, monitoring, and analysis software from Nagios Corporation. A security vulnerability exists in Nagios Log Server versions prior to 2024R1.3.1, which stems from not properly validating dashboard ID values and could lead to the execution of...