D-Link Router 安全漏洞

D-Link Router is an application WIFI router from China AUO D-Link. It provides the function of connecting to the network. A security vulnerability exists in D-Link Router that stems from the cgibin binary not filtering the HTTP SOAPAction header field, which could lead to remote code execution...

Dell SmartFabric OS10 Detection

Binary data dellsmartfabricos10detect.nbin...

TOTOLINK A950RG Buffer Overflow Vulnerability

TOTOLINK A950RG is an ultra-generation Giga wireless router from China's Gion Electronics TOTOLINK that supports high-speed network connectivity and multi-device management. The TOTOLINK A950RG suffers from a buffer overflow vulnerability that stems from a failure to properly validate the length...

TOTOLINK A720R Command Injection Vulnerability (CNVD-2025-29711)

TOTOLINK A720R is a wireless router from China's Gion Electronics TOTOLINK with dual-band Wi-Fi capabilities, focusing on high-speed internet and signal coverage. The TOTOLINK A720R suffers from a command injection vulnerability that stems from insufficient validation of the sysconf binary when...

CVE-2025-64076

CVE-2025-64076 affects the cbor2 library (Python CBOR) via the C extension decode_definite_long_string() in source/decoder.c. The advisory describes two issues: (1) an integer underflow in chunk processing leads to out-of-bounds reads, potentially triggering resource exhaustion; (2) a missing Py_...

Wapiti Web Application Vulnerability Scanner 3.2.10

Wapiti is a web application vulnerability scanner. It will scan the web pages of a deployed web application and will fuzz the URL parameters and forms to find common web vulnerabilities. This is the binary release...

[SECURITY] Fedora 42 Update: uv-0.9.7-2.fc42

An extremely fast Python package installer and resolver, written in Rust. Designed as a drop-in replacement for common pip and pip-tools workflows. Highlights: =E2=80=A2 =E2=9A=96=EF=B8=8F Drop-in replacement for common pip, pip-tools, and virtualenv commands. =E2=80=A2 =E2=9A=A1=EF=B8=8F 10-100x...

CVE-2025-63745

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info function of binne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data...

CVE-2025-60698

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvramsafeset"SysLogRemoteIPAddress", .... These values are...

JetBrains ReSharper Installed (Windows)

Binary data jetbrainsresharperwininstalled.nbin...

Automated Side-Channel Analysis of Cryptographic Protocol Implementations

We extract the first formal model of WhatsApp from its implementation by combining binary-level analysis via CryptoBap with reverse engineering via Ghidra to handle this large closed-source application. Using this model, we prove forward secrecy, identify a known clone-attack against...

CVE-2025-63745

A NULL pointer dereference vulnerability was discovered in radare2 6.0.5 and earlier within the info function of binne.c. A crafted binary input can trigger a segmentation fault, leading to a denial of service when the tool processes malformed data...

CVE-2025-63745

CVE-2025-63745 affects radare2 up to version 6.0.5, where a NULL pointer dereference in the info() function of bin_ne.c can be triggered by crafted binary input, causing a segmentation fault and denial of service when processing malformed data. Affected component: radare2’s bin_ne.c (info() funct...

Autodesk Installer Installed

Binary data autodeskinstallerinstalled.nbin...

CVE-2025-60675

A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823GV1.0.2B0520181207.bin in the timelycheck and sysconf binaries, which process the /tmp/newqos.rule configuration file. The vulnerability occurs because parsed fields from the configuration file are concatenated...

EUVD-2025-175311

A stack buffer overflow exists in the ToToLink A720R Router firmware V4.1.5cu.614B20230630 within the sysconf binary sub401EE0 function. The binary reads the /proc/stat file using fgets into a local buffer and subsequently parses the line using sscanf into a single-byte variable with the %s forma...

CVE-2025-60701

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub433188 function in prog.cgi stores user-supplied email configuration parameters EmailFrom, EmailTo, SMTPServerAddress, SMTPServerPort, AccountName in NVRAM v...

CVE-2025-60697

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub4438A4 function in prog.cgi stores user-supplied DDNS parameters ServerAddress and Hostname in NVRAM via nvramsafeset. These values are later retrieved in th...

CVE-2025-60693

A stack-based buffer overflow exists in the getmergemac function of the httpd binary on Linksys E1200 v2 routers Firmware E1200v2.0.11.001us.tar.gz. The function concatenates up to six user-supplied CGI parameters matching 05 into a fixed-size buffer a2 without proper bounds checking, appending...

CVE-2025-60695

A stack-based buffer overflow vulnerability exists in the mtkdut binary of Linksys E7350 routers Firmware 1.1.00.032. The function sub4045A8 reads up to 256 bytes from /sys/class/net/%s/address into a local buffer and then copies it into caller-provided buffer a1 using strcpy without boundary...