27 matches found
CVE-2026-3622
The vulnerability exists in the UPnP component of TL-WR841N v14, where improper input validation leads to an out-of-bounds read, potentially causing a crash of the UPnP service. Successful exploitation can cause the UPnP service to crash, resulting in a Denial-of-Service condition. This...
CVE-2026-22224
The CVE-2026-22224 entry details a command injection vulnerability in the TP-Link Archer BE230 v1.2, exploitable after admin authentication in the device’s cloud communication interface. Affected version is v1.2
CVE-2025-55590
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain an command injection vulnerability via the component bupload.html...
Linux Distros Unpatched Vulnerability : CVE-2024-36032
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and mo...
UBUNTU-CVE-2024-36032
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix info leak when fetching fw build id Add the missing sanity checks and move the 255-byte build-id buffer off the stack to avoid leaking stack data through debugfs in case the build-info reply is malformed...
CVE-2023-4466 Poly CCX 400/CCX 600/Trio 8800/Trio C60 Web Interface protection mechanism
A vulnerability has been found in Poly CCX 400, CCX 600, Trio 8800 and Trio C60 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Web Interface. The manipulation leads to protection mechanism failure. The attack can be launched remotely. Th...
CVE-2023-46535
TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function getResetVeriRegister...
CVE-2023-46525
TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function loginRegister...
CVE-2023-46526
TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function resetCloudPwdRegister...
CVE-2023-46534
TP-LINK TL-WR886N V7.03.0.14Build221115Rel.56908n.bin was discovered to contain a stack overflow via the function modifyAccPwdRegister...
PT-2023-6592 · Tp Link · Tp-Link Tl-Wr886N
Name of the Vulnerable Software and Affected Versions: TP-LINK TL-WR886N version 7.0 3.0.14 Build 221115 Rel.56908n.bin Description: The issue is related to a stack overflow in the chkResetVeriRegister function, which can be exploited by a remote attacker to impact the integrity, availability, an...
CVE-2023-39678
A cross-site scripting XSS vulnerability in the device web interface Log Query page of BDCOM OLT P3310D-2AC 10.1.0F Build 69083 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter...
Update of kernel, kernel-headers, kernel-debug-devel, kernel-debug, perf, python-perf, kernel-debug-devel, kernel-devel
KB-127: Bump version separete fw build...
CVE-2021-28857
TP-Link's TL-WPA4220 4.0.2 Build 20180308 Rel.37064 username and password are sent via the cookie...
CVE-2020-8675
Insufficient control flow management in firmware build and signing tool for IntelR Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...
Design/Logic Flaw
Insufficient control flow management in firmware build and signing tool for IntelR Innovation Engine before version 1.0.859 may allow an unauthenticated user to potentially enable escalation of privilege via physical access...
TP-LINK TL-WR840N v5 XSS Injection Vulnerability
The TP-Link TL-WR840N is a wireless router from China P&L TP-Link. A cross-site scripting vulnerability exists in TP-LINK TL-WR840N v5 00000005 using firmware version 0.9.1 3.16 v0001.0 Build 171211 Rel.58800n. The vulnerability stems from the lack of proper validation of client data by the WEB...
Google Partially Patches Flaw in Chrome for Android 3 Years After Disclosure
Google has finally patched a privacy vulnerability in its Chrome web browser for Android that exposes users' device model and firmware version, eventually enabling remote attackers to identify unpatched devices and exploit known vulnerabilities. The vulnerability, which has not yet given any CVE...
Chrome in Android Leaks Device Fingerprinting Info
Google has issued a partial fix for an Android issue dating back to 2015 – after originally rejecting the bug report on the grounds of the mobile OS “working as intended.” The issue – which still doesn’t have a CVE designation despite being partially addressed as a problem – has to do with how...
TP-Link Archer C50 Wireless Router 171227 CSRF
Exploit Title: TP-Link Archer C50 Wireless Router 171227 - Cross-Site Request Forgery Configuration File Disclosure Date: 2018-11-07 Exploit Author: Wadeek Vendor Homepage: https://www.tp-link.com/ Hardware Version: Archer C50 v3 00000001 Firmware Link:...