PT-2025-10589 · Assimp +2 · Assimp +2
Name of the Vulnerable Software and Affected Versions: Open Asset Import Library Assimp version 5.4.3 Description: A critical issue has been found in the Open Asset Import Library Assimp, affecting the function Assimp::BaseImporter::ConvertToUTF8 of the file BaseImporter.cpp in the File Handler...
PT-2025-3477 · Tenda · Tenda Ac18
Name of the Vulnerable Software and Affected Versions: Tenda AC18 version V15.03.05.19 Description: A command injection issue exists due to the lack of neutralization of special elements when processing the usbName parameter in the formSetSambaConf function. This allows a remote attacker to execu...
PT-2024-17397 · WordPress · Wp System
Name of the Vulnerable Software and Affected Versions: WP System plugin for WordPress versions up to, and including, 1.1.1 Description: The issue is related to Cross-Site Request Forgery due to missing or incorrect nonce validation on the generate wp system page content function. This allows...
PT-2024-37303 · Langchain Ai · Langchain
Name of the Vulnerable Software and Affected Versions: langchain-ai/langchain versions prior to 0.2.4 Description: A vulnerability in the FAISS.deserialize_from_bytes function allows for pickle deserialization of untrusted data, which can lead to the execution of arbitrary commands via the...
PT-2024-6467 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X6000R version 9.4.0cu.852 20230719 Description: A critical issue has been found in the TOTOLINK X6000R, affecting the function setSyslogCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument rtLogServer leads to...
PT-2024-6208 · Unknown +2 · Hdf5 Library +2
Name of the Vulnerable Software and Affected Versions: HDF5 Library versions prior to 1.14.4 Description: The issue is related to the function H5E_printf_stack in the file H5Eint.c of the HDF5 Library, which is associated with uncontrolled recursion. This can lead to stack consumption. Exploitati...
PT-2024-29942
Name of the Vulnerable Software and Affected Versions: Tenda W9 version 1.0.0.74456 Description: A critical vulnerability has been found in the function formwrlSSIDset of the file /goform/wifiSSIDset. The manipulation of the argument ssidIndex leads to a stack-based buffer overflow. It is possible ...
PT-2024-13203 · Cobham · Cobham Sailor Vsat Ku
Name of the Vulnerable Software and Affected Versions: Cobham SAILOR VSAT Ku version 164B019 Description: The issue is related to a Cross-Site Scripting (XSS) vulnerability, which allows a remote attacker to execute arbitrary code via a crafted script to the c_set_rslog_decode function in the acu w...
PT-2023-8942 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: GPAC version 2.3-DEV-rev566-g50c2ab06f-master Description: The issue is related to the gf_filterpacket_del function in the /gpac/src/filter_core/filter.c file of the GPAC multimedia platform. It involves incorrect use of dynamic memory, which...
PT-2023-30090 · Totolink · Totolink X2000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK X2000R Gh version 1.0.0-B20230221.0948.web Description: A stack overflow issue was discovered in the function formTcpipSetup, which can be exploited. Recommendations: For version 1.0.0-B20230221.0948.web, as a temporary workaround,...
PT-2023-24436 · Nanomq · Nanomq
Name of the Vulnerable Software and Affected Versions: NanoMQ version 0.17.2 Description: A use-after-free issue exists due to improper data tracing. This can be triggered by calling the function nni_mqtt_msg_get_publish_property in the file mqtt_msg.c, potentially allowing an attacker to cause a...
PT-2023-9521 · Openlink +4 · Openlink Virtuoso-Opensource +4
Name of the Vulnerable Software and Affected Versions: openlink virtuoso-opensource version 7.2.9 Description: The issue is related to the mp_box_deserialize_string function, which is vulnerable due to improper neutralization of special elements used in SQL commands. This can be exploited by a...
PT-2022-11663 · Unknown · Simplerisk
Name of the Vulnerable Software and Affected Versions: SimpleRisk versions prior to 20220306-001 Description: A vulnerability has been found in SimpleRisk, classified as problematic. It affects the function checkAndSetValidation of the file simplerisk/js/common.js. The manipulation of the argumen...
PT-2022-27159 · Totolink · Totolink Lr350
Name of the Vulnerable Software and Affected Versions: TOTOLINK LR350 version 9.3.5u.6369 B20220309 Description: The issue is a post-authentication buffer overflow that occurs via the sPort/ePort parameter in the setIpPortFilterRules function. This allows for potential exploitation after...
PT-2022-12393 · Gpac · Gpac
Name of the Vulnerable Software and Affected Versions: GPAC version 1.1.0 Description: The issue is related to an invalid call in the gf_node_changed function, which can lead to a Denial of Service (DoS). Recommendations: For GPAC version 1.1.0, consider disabling the gf_node_changed function as a...
PT-2021-20145 · Gocr +1 · Gocr +1
Name of the Vulnerable Software and Affected Versions: gocr versions 0.53 through 0.53-20200802 Description: A stack-based buffer overflow issue was found in the try_to_divide_boxes function in pgm2asc.c. This issue can potentially be exploited. Recommendations: For gocr versions 0.53 through...
PT-2021-6726 · Lwip · Lwip
Name of the Vulnerable Software and Affected Versions: lwIP version git head Description: A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif function allows attackers to access sensitive information via a crafted ICMPv6 packet. The issue is related to the copying of a...
PT-2021-6495 · Libde265 +4 · Libde265 +4
Name of the Vulnerable Software and Affected Versions: libde265 version 1.0.4 Description: The issue is related to a heap buffer overflow in the mc_chroma function of the libde265 video codec implementation for H.265. This can be exploited by a remote attacker using a specially crafted file,...
PT-2018-14538 · Guardzilla · Guardzilla Gz621W
Name of the Vulnerable Software and Affected Versions: Guardzilla GZ621W version 0.5.1.4 Description: The issue is related to a Buffer Overflow in the TK_set_deviceModel_req_handle function, which is part of the cloud communication component. Recommendations: For Guardzilla GZ621W version 0.5.1.4...
PT-2022-18248 · Unknown +1 · Gpac Mp4Box +1
Name of the Vulnerable Software and Affected Versions: GPAC mp4box version 1.1.0-DEV-rev1759-geb2d1e6dd Description: The issue is a heap-buffer-overflow vulnerability in the function gf_isom_apple_enum_tag. This vulnerability can be exploited, but no specific details about the estimated number of...