517 matches found
PT-2025-7597 · Libming · Libming
Name of the Vulnerable Software and Affected Versions: libming version 0.4.8 Description: A memory leak has been identified in the readSizedString function in util/read.c, which allows attackers to cause a denial of service via a crafted file. Recommendations: For libming version 0.4.8, consider...
PT-2025-7563 · Tenda · Tenda Ac8V4
Name of the Vulnerable Software and Affected Versions: Tenda AC8V4 version 16.03.34.06 Description: A stack overflow issue was discovered in the sub_49E098 function through the shareSpeed parameter. This issue allows for potential exploitation. No information is available regarding the estimated...
PT-2025-6906
Name of the Vulnerable Software and Affected Versions: GNU elfutils version 0.192 Description: A problem has been found in GNU elfutils that affects the gelf_getsymshndx function of the file strip.c in the eu-strip component. This issue leads to denial of service and must be approached locally. T...
PT-2025-6905
Name of the Vulnerable Software and Affected Versions: GNU elfutils version 0.192 Description: A vulnerability was found in GNU elfutils, affecting the function elf_strptr in the library /libelf/elf_strptr.c of the component eu-strip. The manipulation leads to denial of service. It is possible to...
PT-2025-6851 · Unknown · Code-Projects Wazifa System
Name of the Vulnerable Software and Affected Versions: code-projects Wazifa System version 1.0 Description: A problematic issue has been found in the searchuser function of the /search_resualts.php file. The manipulation of the firstname/lastname argument leads to cross site scripting. It is...
PT-2025-6861 · Ywoa · Ywoa
Name of the Vulnerable Software and Affected Versions: ywoa versions 2024.07.03 and earlier Description: A problematic issue has been found in the function extract of the file c-main/src/main/java/com/redmoon/weixin/aes/XMLParse.java of the component WXCallBack Interface. The manipulation leads t...
PT-2025-6121 · Lumsoft · Lumsoft Erp
Name of the Vulnerable Software and Affected Versions: Lumsoft ERP version 8 Description: A critical issue was found in the function DoUpload/DoWebUpload of the file /Api/FileUploadApi.ashx. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack...
PT-2025-6096 · Gnu +3 · Gnu Binutils +3
Name of the Vulnerable Software and Affected Versions: GNU Binutils versions 2.43 through 2.44 Description: A problematic vulnerability was found in GNU Binutils, affecting the bfd_set_format function of the file format.c. The manipulation leads to memory corruption. The attack can be launched...
PT-2025-2256 · WordPress · Wp Image Uploader
Name of the Vulnerable Software and Affected Versions: WP Image Uploader plugin for WordPress version 1.0.1 and earlier Description: The issue is related to insufficient file path validation in the gky_image_uploader_main_function function, allowing unauthenticated attackers to delete arbitrary...
PT-2025-12358
Name of the Vulnerable Software and Affected Versions: D-Link DSL-3788 revA1 version 1.01R1B036_EU_EN Description: The issue is related to a buffer overflow that can occur through the COMM_MAKECustomMsg function of the webproc cgi. This function is part of the web procedure and can be exploited,...
PT-2025-1372 · Unknown +1 · Gpac Mp4Box +1
Name of the Vulnerable Software and Affected Versions: GPAC MP4box version 2.1-DEV-rev574-g9d5bb184b Description: The issue is related to a buffer overflow in the gf_vvc_read_pps_bs_internal function of media_tools/av_parsers.c. A check is needed for num_exp_tile_columns. Recommendations: For GPA...
PT-2025-4014 · Joeybling · Bootplus
Name of the Vulnerable Software and Affected Versions: JoeyBling bootplus up to 247d5f6c209be1a5cf10cd0fa18e1d8cc63cf55d Description: A vulnerability has been found in the qrCode function of the file src/main/java/io/github/controller/QrCodeController.java. The manipulation of the text argument...
PT-2025-2882 · Gpac +2 · Gpac +2
Name of the Vulnerable Software and Affected Versions: gpac version 2.4 Description: The issue is related to a SEGV at src/isomedia/drm_sample.c:1562:96 in the isom_cenc_get_sai_by_saiz_saio function in MP4Box. This indicates a potential problem with memory access or handling in the specified...
PT-2025-3951 · Tduckcloud · Tduck-Platform
Name of the Vulnerable Software and Affected Versions: TDuckCloud tduck-platform versions up to 4.0 Description: A critical issue was found in the TDuckCloud tduck-platform, affecting the function QueryProThemeRequest of the file src/main/java/com/tduck/cloud/form/request/QueryProThemeRequest.jav...
PT-2025-7558 · Tenda · Tenda Ac8
Name of the Vulnerable Software and Affected Versions: Tenda AC8 version 16.03.34.06 Description: The issue is related to a Buffer Overflow in the get_parentControl_list_Info function. Recommendations: For Tenda AC8 version 16.03.34.06, consider disabling the get_parentControl_list_Info function...
PT-2025-4742 · Re11S · Re11S
Name of the Vulnerable Software and Affected Versions: RE11S version 1.11 Description: A stack overflow issue was discovered in the formWlSiteSurvey function through the selSSID parameter. Recommendations: For RE11S version 1.11, consider disabling the formWlSiteSurvey function or restricting...
PT-2025-2536 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow vulnerability exists in the set_wzdgw4G function of adm.cgi. This issue can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. A...
PT-2025-2537 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow issue exists in the qos.cgi qos_sta_settings functionality. This can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. An...
PT-2025-2445 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow issue exists in the set_info functionality of usbip.cgi. This can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. An attacker...
PT-2025-2310 · Wavlink · Wavlink Ac3000
Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A command execution issue exists in the adm.cgi set_TR069 functionality. This allows an attacker to execute arbitrary commands by sending a specially crafted HTTP request. The vulnerabili...