
42 matches found

OSV
added 2026/04/27 6:33 p.m., 9 views

JLSEC-2026-252 Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported...

Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be sent to the peer. Impact summary: A buffer overread can have a range of potential consequences such as unexpected application behaviour or ...

CVSS 9.1, AI score 7.2, EPSS 0.05582
Exploits: 1, References: 20
NVD
added 2026/04/24 4:16 a.m., 32 views

CVE-2026-41324

basic-ftp is an FTP client for Node.js. Versions prior to 5.3.0 are vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to...

CVSS 7.5, EPSS 0.00332
Exploits: 1, References: 1
CVE
added 2026/04/24 3:28 a.m., 29 views

CVE-2026-41324

CVE-2026-41324 affects the Node.js FTP client library basic-ftp. Versions prior to 5.3.0 are vulnerable to a denial-of-service caused by unbounded memory growth when processing directory listings from a remote FTP server. A malicious server can send an extremely large or never-ending listing to ...

CVSS 7.5, AI score 5.8, EPSS 0.00332
Exploits: 1, References: 1, Affected Software: 1
GitHub Security Blog
added 2026/04/16 9:37 p.m., 7 views

basic-ftp vulnerable to denial of service via unbounded memory consumption in Client.list()

Summary [email protected] is vulnerable to denial of service through unbounded memory growth while processing directory listings from a remote FTP server. A malicious or compromised server can send an extremely large or never-ending listing response to Client.list, causing the client process to...

CVSS 7.5, AI score 6.2, EPSS 0.00332
Exploits: 1, References: 3, Affected Software: 1
CNNVD
added 2025/12/14 12:0 a.m., 2 views

Tenda WH450 security vulnerability

Tenda WH450 is a wireless access point from Tenda China. A security vulnerability exists in Tenda WH450 version 1.0.0.18, which originates from an incorrect manipulation of the parameter page in the file /goform/DhcpListClient, which could result in a stack buffer overflow...

CVSS 10, AI score 9.7, EPSS 0.00841
Exploits: 1, References: 8
RedhatCVE
added 2025/12/08 12:15 p.m., 4 views

CVE-2025-14136

A security flaw has been discovered in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. This vulnerability affects the function RE2000v2RepeatergetwiredclientlistsetClientsName of the file mod_form.so. The manipulation of the argume...

CVSS 9, AI score 6.9, EPSS 0.00963
Exploits: 1, References: 1
EUVD
added 2025/12/06 12:31 p.m., 3 views

EUVD-2025-201545

A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RE2000v2RepeatergetwirelessclientlistsetClientsName of the file mod_form.so. Executing manipulation of the...

CVSS 9, AI score 8.9, EPSS 0.00747
Exploits: 1, References: 7
OSV
added 2025/12/06 11:15 a.m., 6 views

CVE-2025-14133

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function AP_get_wireless_clientlist_setClientsName of the file mod_form.so. Performing manipulation of the argument...

CVSS 8.7, AI score 6.4, EPSS 0.00747
Exploits: 1, References: 6
Vulnrichment
added 2025/12/06 11:2 a.m., 4 views

CVE-2025-14134 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so stack-based overflow

A vulnerability was determined in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this issue is the function RE2000v2RepeatergetwirelessclientlistsetClientsName of the file mod_form.so. Executing manipulation of the...

CVSS 9, AI score 6.8, EPSS 0.00747
Exploits: 1, References: 6
Vulnrichment
added 2025/12/06 10:32 a.m., 2 views

CVE-2025-14133 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 mod_form.so AP_get_wireless_clientlist_setClientsName stack-based overflow

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. Affected by this vulnerability is the function AP_get_wireless_clientlist_setClientsName of the file mod_form.so. Performing manipulation of the argument...

CVSS 9, AI score 6.8, EPSS 0.00747
Exploits: 1, References: 6
Positive Technologies
added 2025/12/06 12:0 a.m., 6 views

PT-2025-49360

Name of the Vulnerable Software and Affected Versions: Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 versions 1.0.013.001 through 1.2.07.001. Description: A stack-based buffer overflow exists in the AP_get_wireless_clientlist_setClientsName function within the mod_form.so file...

CVSS 9, AI score 9.1, EPSS 0.00747
Exploits: 1, References: 14
Tenable Nessus
added 2025/08/12 12:0 a.m., 6 views

Linux Distros Unpatched Vulnerability : CVE-2024-5535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor-supplied patch available. - Issue summary: Calling the OpenSSL API function SSL_select_next_proto with an empty supported client protocols buffer may cause a crash or memory contents to be se...

CVSS 9.1, AI score 7.5, EPSS 0.05582
Exploits: 1, References: 3
Packet Storm
added 2025/06/09 12:0 a.m., 100 views

TightVNC 2.8.83 Control Pipe Manipulation

TightVNC version 2.8.83 suffers from a control pipe manipulation vulnerability. Exploit Title: TightVNC 2.8.83 - Control Pipe Manipulation Date: 06/09/2025 Exploit Author: Ionut Zevedei [email protected] Exploit Repository: https://github.com/zeved/CVE-2024-42049-PoC Vendor Homepage:...

CVSS 9.1, AI score 7.3, EPSS 0.02147
Exploits: 3
RedhatCVE
added 2025/05/22 5:18 a.m., 3 views

CVE-2010-2826

SQL injection vulnerability in Cisco Wireless Control System WCS 6.0.x before 6.0.196.0 allows remote authenticated users to execute arbitrary SQL commands via vectors related to the ORDER BY clause of the Client List screens, aka Bug ID CSCtf37019...

CVSS 9, AI score 8.4, EPSS 0.01338
Exploits: 0, References: 1
RedHat Linux
added 2025/04/08 1:14 a.m., 3 views

openssl: SSL_select_next_proto buffer overread

A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called...

CVSS 9.1, AI score 6.8, EPSS 0.05582
Exploits: 1, References: 5
RedHat Linux
added 2025/02/19 10:31 a.m., 3 views

openssl: SSL_select_next_proto buffer overread

A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called...

CVSS 9.1, AI score 6.8, EPSS 0.05582
Exploits: 1, References: 5
OSV
added 2024/11/11 5:9 p.m., 3 views

CLSA-2024-1731344946 openssl: Fix of CVE-2024-5535

CVE-2024-5535: Validate provided client list in ssl/ssl_lib.c. Clarify SSL_select_next_proto documentation...

CVSS 9.1, AI score 7, EPSS 0.05582
Exploits: 1, References: 1
OSV
added 2024/11/05 10:10 a.m., 3 views

CLSA-2024-1730801437 openssl: Fix of CVE-2024-5535

CVE-2024-5535: Validate provided client list in ssl/ssl_lib.c. Clarify SSL_select_next_proto documentation...

CVSS 9.1, AI score 7, EPSS 0.05582
Exploits: 1, References: 1
CNNVD
added 2024/11/01 12:0 a.m., 3 views

FiberHome HG6544C security vulnerability

The FiberHome HG6544C is a router from China's FiberHome that is equipped with an indicator light and an Ethernet LAN interface. A security vulnerability exists in the FiberHome HG6544C RP2743 version, which stems from a cross-site scripting vulnerability that allows an attacker to execute...

CVSS 4.8, AI score 6.8, EPSS 0.00263
Exploits: 0, References: 2
RedHat Linux
added 2024/10/09 11:25 a.m., 4 views

openssl: SSL_select_next_proto buffer overread

A flaw was found in OpenSSL. Affected versions of this package are vulnerable to Information Exposure through the SSL_select_next_proto function. This flaw allows an attacker to cause unexpected application behavior or a crash by exploiting the buffer overread condition when the function is called...

CVSS 9.1, AI score 6.8, EPSS 0.05582
Exploits: 1, References: 5