CVE-2026-1460

CVE-2026-1460 affects Zyxel DX3301-T0 and EX3301-T0 devices up to firmware 5.50(ABVY.7.1)C0. A post-authentication command-injection vulnerability exists in the DHCP configuration file’s DomainName parameter. An authenticated attacker with administrator privileges could execute OS commands on an ...

EUVD-2026-25970

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...

CVE-2026-1460

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...

CVE-2026-1460

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...

PT-2026-35646

A post-authentication command injection vulnerability in the “DomainName” parameter of the DHCP configuration file in Zyxel DX3301-T0 and EX3301-T0 firmware versions through 5.50ABVY.7.1C0 could allow an authenticated attacker with administrator privileges to execute OS commands on an affected...

CVE-2025-29231

A stored cross-site scripting XSS vulnerability in the pagesave component of Linksys E5600 V1.1.0.26 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the hostname and domainName parameters...

EUVD-2019-14782

Malware in sbrugna...

EUVD-2012-1087

Malware in sbrugna...

EUVD-2010-2171

Malware in sbrugna...

CVE-2022-29383

NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi...

NETGEAR ProSafe SSL VPN firmware FVS336G SQL注入漏洞

The NETGEAR FVS336G is a VPN Virtual Private Network firewall router from NETGEAR. A security vulnerability exists in the NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 versions, which stems from a missing filter escape in USERDBDomains.Domainname in cgi-bin/platform.cgi, which can be...

Stack overflow

An exploitable stack buffer overflow vulnerability vulnerability exists in the iocheckd service ‘I/O-Check’ functionality of WAGO PFC 200 Firmware version 03.02.0214. The destination buffer sp+0x440 is overflowed with the call to sprintf for any domainname values that are greater than...

Updated docker packages fix security vulnerability

Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork: CVE-2018-16873: cmd/go: remote command execution during "go get -u" bsc1118897 CVE-2018-16874: cmd/go: directory traversal in "go get" via curly braces in import paths bsc1118898 CVE-2018-16875:...

openSUSE Security Update : docker (openSUSE-2019-189)

This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues : Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork : - CVE-2018-16873: cmd/go: remote command execution during 'go get -u' bsc1118897 -...

SUSE SLED15 / SLES15 Security Update : docker (SUSE-SU-2019:0286-1)

This update for containerd, docker, docker-runc and golang-github-docker-libnetwork fixes the following issues : Security issues fixed for containerd, docker, docker-runc and golang-github-docker-libnetwork : CVE-2018-16873: cmd/go: remote command execution during 'go get -u' bsc1118897...

domainname.gov.au Improper Access Control vulnerability

Open Bug Bounty ID: OBB-676003 Description| Value ---|--- Affected Website:| domainname.gov.au Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| IAC Improper Access Control / CWE-284 CVSSv3 Score:| 6.5...

Airties RT-210 Multiple Parameter Cross-Site Scripting Vulnerability

Airties RT-210 is a router product from Turkey. The Airties RT-210's web interface ddns.stm file fails to adequately filter the 'ddnsdomainame' and 'ddnsaccount' parameters, allowing remote attackers to exploit vulnerabilities to inject malicious script or HTML code, which can be used to obtain...

CVE-2014-9020

Cross-site scripting XSS vulnerability in the Quick Stats page psilan.cgi in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected...

Cross site scripting

Cross-site scripting XSS vulnerability in the Quick Stats page psilan.cgi in ZTE ZXDSL 831 and 831CII allows remote attackers to inject arbitrary web script or HTML via the domainname parameter in a save action. NOTE: this issue was SPLIT from CVE-2014-9021 per ADT1 due to different affected...

CVE-2011-5149

Multiple cross-site scripting XSS vulnerabilities in SpamTitan 5.08 and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 testaddr or 2 testpass parameter to auth-settings.php; 3 hostname, 4 domainname, or 5 mailserver parameter to setup-relay.php; or 6 subnetmask or...