517 matches found
PT-2025-26566 · Totolink · Totolink A3002Ru
Name of the Vulnerable Software and Affected Versions: TOTOLINK A3002R version 1.1.1-B20200824.0128 Description: A critical issue affects the function formRoute of the file /boafrm/formRoute. The manipulation of the argument subnet leads to a stack-based buffer overflow. This issue can be exploit...
PT-2025-26233 · Wasm3 · Wasm3
Name of the Vulnerable Software and Affected Versions: wasm3 version 0.5.0 Description: A vulnerability has been found in the function MarkSlotAllocated of the file source/m3_compile.c, leading to out-of-bounds write. The manipulation can be exploited locally. The exploit has been disclosed to th...
PT-2025-24413 · Rt-Thread · Rt-Thread
Name of the Vulnerable Software and Affected Versions: RT-Thread version 5.1.0 Description: A critical issue has been found in the function sys_thread_sigprocmask of the file rt-thread/components/lwp/lwp_syscall.c. The manipulation of the argument how leads to improper validation of array index...
PT-2025-23237
Name of the Vulnerable Software and Affected Versions: hdf5 version 1.14.6 Description: A heap buffer overflow issue was discovered via the H5VM_memcpyvv function. Recommendations: For version 1.14.6, consider restricting the use of the H5VM_memcpyvv function until a patch is available...
PT-2025-23164 · Yasm +2 · Yasm +2
Name of the Vulnerable Software and Affected Versions: yasm version 9defefae Description: A NULL pointer dereference was discovered via the yasm_section_bcs_append function at section.c. Recommendations: For version 9defefae, consider disabling the yasm_section_bcs_append function as a temporary...
PT-2025-27715
Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.13.0-rc3-syzkaller-gdfa94ce54f41 Description: A use-after-free issue has been identified in the Linux kernel, specifically in the page_pool_recycle_in_ring function. This issue was reported by syzbot and is...
PT-2025-22884 · Assimp +1 · Assimp +1
Name of the Vulnerable Software and Affected Versions: Assimp version 5.4.3 Description: A vulnerability was found in the Open Asset Import Library Assimp. It has been rated as problematic. The issue affects the function MDLImporter::ImportUVCoordinate_3DGS_MDL345 of the file...
PT-2025-22858 · Netcore · Netcore B6V2 +2
Name of the Vulnerable Software and Affected Versions: Netcore NBR1005GPEV2 versions up to 20250508; Netcore NBR200V2 versions up to 20250508; Netcore B6V2 versions up to 20250508 Description: A critical issue affects the tools_ping function of the file /usr/bin/network_tools. The manipulation of t...
CVE-2019-5266
The Huawei Share function in the P30 9.1.0.193C00E190R2P1 smartphone has an insufficient input validation vulnerability. Attackers can exploit this vulnerability by sending crafted packets to the affected device. Successful exploitation may cause the function to be disabled...
PT-2025-21859 · Code Projects · Code-Projects Police Station Management System
Name of the Vulnerable Software and Affected Versions: code-projects Police Station Management System version 1.0 Description: A critical issue was found in the function criminal::display of the file source.cpp of the component Display Record. The manipulation of the argument N leads to buffer...
PT-2025-20545 · Seedprod · Website Builder By Seedprod
Name of the Vulnerable Software and Affected Versions: The Website Builder by SeedProd versions up to, and including, 6.18.15 Description: The issue allows authenticated attackers with Subscriber-level access and above to read the content of arbitrary landing page revisions due to a missing...
PT-2025-19937 · D Link · D-Link Dir-600
Name of the Vulnerable Software and Affected Versions: D-Link DIR-600L versions up to 2.07B01 Description: A critical vulnerability was found in the D-Link DIR-600L, affecting the function formWlSiteSurvey. The manipulation of the argument host leads to a buffer overflow. This issue can be...
PT-2025-19945 · Tenda · Tenda Dap-1520
Name of the Vulnerable Software and Affected Versions: Tenda DAP-1520 version 1.10B04 BETA02 Description: A critical vulnerability has been found, affecting the mod_graph_auth_uri_handler function of the Authentication Handler component. This issue leads to a stack-based buffer overflow and can b...
PT-2025-19809 · Tenda · Tenda Ac1206
Name of the Vulnerable Software and Affected Versions: Tenda AC1206 versions up to 15.03.06.23 Description: A critical vulnerability was found in Tenda AC1206, affecting the function formSetCfm of the file /goform/setcfm. The manipulation leads to buffer overflow. The attack can be initiated...
NETGEAR RAX5 security vulnerability
The NETGEAR RAX5 is a wireless router from NETGEAR. The NETGEAR RAX5 suffers from a command injection vulnerability that stems from the iface parameter in the vif_disable function failing to correctly filter special characters and commands in input used to construct a command. An attacker can exploit this...
PT-2025-19810 · Tenda · Tenda Ac1206
Name of the Vulnerable Software and Affected Versions: Tenda AC1206 versions up to 15.03.06.23 Description: A critical issue affects the setSchedWifi function of the file /goform/openSchedWifi. The manipulation leads to buffer overflow. The attack may be initiated remotely. The exploit has been...
PT-2025-19722 · NetGear · Netgear Rax5
Name of the Vulnerable Software and Affected Versions: NETGEAR RAX5 version 1.0.2.26 Description: A command injection issue was discovered in the NETGEAR RAX5 AX1600 WiFi Router via the iface parameter in the vif_disable function. Recommendations: For version 1.0.2.26, consider disabling the vif...
SUSE CVE-2025-23144
In the Linux kernel, the following vulnerability has been resolved: backlight: led_bl: Hold led_access lock when calling led_sysfs_disable Lockdep detects the following issue on led-backlight removal: 142.315935 ------------ cut here ------------ 142.315954 WARNING: CPU: 2 PID: 292 at...
PT-2025-18790 · Tenda · Tenda Ac9
Name of the Vulnerable Software and Affected Versions: Tenda AC9 version 15.03.06.42 multi Description: A command injection issue was found in the formsetUsbUnload function via the deviceName parameter, allowing attackers to execute arbitrary commands through a crafted request. Recommendations: F...
PT-2025-18677 · Tenda · Tenda W20E
Name of the Vulnerable Software and Affected Versions: Tenda W20E version 15.11.0.6 Description: A command injection issue was discovered in the formSetDebugCfg function via the enable parameter. This issue allows attackers to execute arbitrary commands through a manipulated request...