45 matches found
DRUPAL-CONTRIB-2026-014
This module enables you to block bots by Firewall. The module doesn't sufficiently sanitize user input leading to a reflected Cross-site scripting XSS vulnerability. This vulnerability is mitigated by the fact that the vulnerable functionality is only presented to users that are "challenged" or...
CVE-2025-67186
TOTOLINK A950RG V4.1.2cu.5204B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cstemodules/firewall.so. The vulnerability occurs because the url parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow,...
CVE-2025-67187
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204B20210112. The flaw exists in the setIpQosRules interface of /lib/cstemodules/firewall.so where the comment parameter is not properly validated for length...
CVE-2025-67186
TOTOLINK A950RG V4.1.2cu.5204B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cstemodules/firewall.so. The vulnerability occurs because the url parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow,...
CVE-2025-67187
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204B20210112. The flaw exists in the setIpQosRules interface of /lib/cstemodules/firewall.so where the comment parameter is not properly validated for length...
CVE-2025-67187
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204B20210112. The flaw exists in the setIpQosRules interface of /lib/cstemodules/firewall.so where the comment parameter is not properly validated for length...
PT-2026-5955
Name of the Vulnerable Software and Affected Versions TOTOLINK A950RG version 4.1.2cu.5204 B20210112 Description A stack-based buffer overflow exists in the setIpQosRules interface of /lib/cste modules/firewall.so. The issue is due to insufficient validation of the length of the comment parameter...
CVE-2025-67186
TOTOLINK A950RG V4.1.2cu.5204B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cstemodules/firewall.so. The vulnerability occurs because the url parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow,...
CVE-2025-67187
CVE-2025-67187 affects TOTOLINK A950RG (v4.1.2cu.5204_B20210112) via /lib/cste_modules/firewall.so, setIpQosRules: the comment parameter is not properly validated for length, causing a stack-based buffer overflow. Affected component is the setIpQosRules interface; root cause is insufficient input...
EUVD-2025-206718
TOTOLINK A950RG V4.1.2cu.5204B20210112 contains a buffer overflow vulnerability in the setUrlFilterRules interface of /lib/cstemodules/firewall.so. The vulnerability occurs because the url parameter is not properly validated for length, allowing remote attackers to trigger a buffer overflow,...
EUVD-2025-206712
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204B20210112. The flaw exists in the setIpQosRules interface of /lib/cstemodules/firewall.so where the comment parameter is not properly validated for length...
PT-2026-5954
Name of the Vulnerable Software and Affected Versions TOTOLINK A950RG version 4.1.2cu.5204 B20210112 Description The software contains a buffer overflow issue in the setUrlFilterRules interface of /lib/cste modules/firewall.so. The issue is due to insufficient validation of the length of the url...
CVE-2025-67187
A stack-based buffer overflow vulnerability was identified in TOTOLINK A950RG V4.1.2cu.5204B20210112. The flaw exists in the setIpQosRules interface of /lib/cstemodules/firewall.so where the comment parameter is not properly validated for length...
EUVD-2008-0375
Malware in sbrugna...
TOTOLINK A3100R 安全漏洞
TOTOLINK A3100R is a series of wireless routers from China's Gion Electronics TOTOLINK. The TOTOLINK A3100R suffers from a buffer overflow vulnerability that originates from the failure of the priority parameter of the setMacQos interface in /lib/cstemodules/firewall.so to correctly validate the...
SAMSUNG Mobile devices security vulnerability
SAMSUNG Mobile devices are a range of Samsung mobile devices, including cell phones, tablets, etc. from the South Korean company Samsung. A security vulnerability exists in SAMSUNG Mobile devices due to an implicit intent hijacking vulnerability in the Firewall application module. The vulnerabili...
Improper Input Validation
In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state. A flaw was found in the Puppet...
CVE-2022-0675 Puppet Firewall Module May Leave Unmanaged Rules
In certain situations it is possible for an unmanaged rule to exist on the target system that has the same comment as the rule specified in the manifest. This could allow for unmanaged rules to exist on the target system and leave the system in an unsafe state...
Puppet 输入验证错误漏洞
Puppet is a set of configuration management tools based on client/server C/S architecture from Puppet Labs in the United States, which can be used to manage profiles, users, cron tasks, packages, system services, and more. A security vulnerability exists in the Puppet Firewall Module, which stems...
CVE-2021-22411
There is an out-of-bounds write vulnerability in some Huawei products. The code of a module have a bad judgment logic. Attackers can exploit this vulnerability by performing multiple abnormal activities to trigger the bad logic and cause out-of-bounds write. This may compromise the normal service...