EUVD-2026-32928

SDMC NE6037 cable modem routers running firmware 7.1.6.0.25 and 7.1.6.1.9B9 contain a hardcoded password vulnerability in the web management interface recovery endpoints mgmt.php, npcmd.php that allows unauthenticated attackers to gain root access by submitting the hardcoded credential to the...

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Apple Safari

Vue-After-Free A PlayStation Vue userland code execution e...

CVE-2021-41788

MediaTek microchips, as used in NETGEAR devices through 2021-12-13 and other devices, mishandle attempts at Wi-Fi authentication flooding. Affected Chipsets MT7603E, MT7612, MT7613, MT7615, MT7622, MT7628, MT7629, MT7915; Affected Software Versions 7.4.0.0...

TOTOLINK A7100RU 安全漏洞

TOTOLINK A7100RU is a wireless router from China Gion Electronics TOTOLINK. A security vulnerability exists in the TOTOLINK A7100RU V7.4, A950RG V5.9, and T10 V5.9 versions, which originates from enabling the chrootlocaluser option and could lead to unauthorized access to system files...

CVE-2025-6265

A path traversal vulnerability in the fileupload-cgi CGI program of Zyxel NWA50AX PRO firmware version 7.10ACGE.2 and earlier could allow an authenticated attacker with administrator privileges to access specific directories and delete files, such as the configuration file, on the affected device...

CVE-2021-37378

Cross Site Scripting XSS vulnerability in Teradek Cube and Cube Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving any...

CVE-2021-37376

Cross Site Scripting XSS vulnerability in Teradek Bond, Bond 2 and Bond Pro firmware version 7.3.x and earlier allows remote attackers to run arbitrary code via the Friendly Name field in System Information Settings. NOTE: Vedor states the product has reached End of Life and will not be receiving...

Teradek Slice 跨站脚本漏洞

Teradek Slice is a rackmount video decoder from Teradek. A security vulnerability exists in Teradek Slice 1st generation firmware version 7.3.x and earlier. An attacker could exploit the vulnerability to execute arbitrary code via the Friendly Name field in System Information Settings...

CVE-2021-23847

A Missing Authentication in Critical Function in Bosch IP cameras allows an unauthenticated remote attacker to extract sensitive information or change settings of the camera by sending crafted requests to the device. Only devices of the CPP6, CPP7 and CPP7.3 family with firmware 7.70, 7.72, and...

Apple AirPort Base Station Resource Management Error Vulnerability

The Apple AirPort Base Station is a wireless router from Apple USA. A resource management error vulnerability exists in Apple AirPort Base Station using firmware versions prior to 7.9.1. The vulnerability arises from a network system or product mismanagement of system resources e.g., memory, disk...

Apple AirPort Base Station Buffer Overflow Vulnerability

The Apple AirPort Base Station is a wireless router from Apple USA. A buffer overflow vulnerability exists in the Apple AirPort Base Station using firmware versions prior to 7.9.1. The vulnerability stems from a network system or product performing operations on memory without properly validating...

Cisco SPA514G Denial of Service Vulnerability

Cisco Small Business SPA514G IP Phones is an IP phone from Cisco USA. A resource management error vulnerability exists in Cisco Small Business SPA514G IP Phones using firmware version 7.6.2SR2A and earlier, which arises from the program incorrectly handling SIP request messages. A remote attacker...

CVE-2018-0389

A vulnerability in the implementation of Session Initiation Protocol SIP processing in Cisco Small Business SPA514G IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service DoS condition. The vulnerability is du...

CVE-2018-17873

An incorrect access control vulnerability in the FTP configuration of WiFiRanger devices with firmware version 7.0.8rc3 and earlier allows an attacker with adjacent network access to read the SSH Private Key and log in to the root account...

CVE-2018-11543

A Local File Inclusion LFI vulnerability in the Sonus SBC 1000 / SBC 2000 / SBC SWe Lite web interface allows for the downloading of arbitrary files via an unspecified vector. It affects the 1000 and 2000 devices 6.0.x up to Build 446, 6.1.x up to Build 492, and 7.0.x up to Build 485. It affects...

CVE-2018-5473

An Improper Restriction of Operations within the Bounds of a Memory Buffer issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. The SSH functions of the device are vulnerable to buffer overflow conditions that may allow a remote attacker to execute...

CVE-2018-5475

A Stack-based Buffer Overflow issue was discovered in GE D60 Line Distance Relay devices running firmware Version 7.11 and prior. Multiple stack-based buffer overflow vulnerabilities have been identified, which may allow remote code execution...

CVE-2017-12260

A vulnerability in the implementation of Session Initiation Protocol SIP functionality in Cisco Small Business SPA50x, SPA51x, and SPA52x Series IP Phones could allow an unauthenticated, remote attacker to cause an affected device to become unresponsive, resulting in a denial of service DoS...

CVE-2009-2189

The ICMPv6 implementation on the Apple Time Capsule, AirPort Extreme Base Station, and AirPort Express Base Station with firmware before 7.5.2 does not limit the rate of 1 Router Advertisement and 2 Neighbor Discovery packets, which allows remote attackers to cause a denial of service resource...