Tenda FH1206 fromGstDhcpSetSer Function Buffer Overflow Vulnerability

The Tenda FH1206 is a wireless router from Tenda China. The Tenda FH1206 fromGstDhcpSetSer function suffers from a buffer overflow vulnerability that originates from the failure of the fromGstDhcpSetSer function in the /goform/GstDhcpSetSer page to correctly validate the length of the input data,...

CVE-2023-48194

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing setclientqos, control over the gp register can be obtained...

CVE-2024-36843

libmodbus v3.1.6 was discovered to contain a heap overflow via the modbusmappingfree function...

Siemens SIMATIC RTLS Locating Manager Hidden Function Vulnerability

SIMATIC RTLS Locating Manager is used to configure, operate and maintain the SIMATIC RTLS unit, a real-time wireless positioning system that provides locating solutions. A hidden function vulnerability exists in Siemens SIMATIC RTLS Locating Manager due to an affected application containing hidde...

URL Manipulation

oceanic.js is vulnerable to a URL Manipulation. The vulnerability is due to improper input handling in certain functions such as Client.rest.channels.removeBan, which allows an attacker to manipulate the request specially crafted input to be normalized into unintended URLs, potentially resulting ...

Tenda i21 formGetDiagnoseInfo function buffer overflow vulnerability

Tenda i21 is a wireless access point from Tenda China. A buffer overflow vulnerability exists in Tenda i21 version 1.0.0.144656, which originates from the parameter cmdinput of the formGetDiagnoseInfo function that fails to correctly validate the length and size of the input data, and can be...

Roothub 安全漏洞

Roothub is a forum system developed using SSM and MySQL. A security vulnerability exists in Roothub v2.6, which was discovered to contain an SQL injection vulnerability via the "s" parameter in the search function...

WordPress Stop Spammers Security plugin <= 2024.4 - Cross-Site Request Forgery (CSRF) via sfs_process vulnerability

Cross-Site Request Forgery CSRF via sfsprocess vulnerability discovered by Lucio Sá in WordPress Plugin Stop Spammers versions = 2024.4...

PT-2024-30201 · Tenda · Tenda A301

Name of the Vulnerable Software and Affected Versions: Tenda A301 version 15.13.08.12 multi TDE01 Description: A critical issue affects the function formAddMacfilterRule of the file /goform/setBlackRule. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack...

CVE-2024-32764 myQNAPcloud Link

A missing authentication for critical function vulnerability has been reported to affect myQNAPcloud Link. If exploited, the vulnerability could allow users with the privilege level of some functionality via a network. We have already fixed the vulnerability in the following version: myQNAPcloud...

CVE-2024-30391

A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device...

CVE-2024-30391 Junos OS: MX Series with SPC3, and SRX Series: When IPsec authentication is configured with "hmac-sha-384" and "hmac-sha-512" no authentication of traffic is performed

A Missing Authentication for Critical Function vulnerability in the Packet Forwarding Engine pfe of Juniper Networks Junos OS on MX Series with SPC3, and SRX Series allows an unauthenticated network-based attacker to cause limited impact to the integrity or availability of the device. If a device...

CVE-2024-26475

An issue in radareorg radare2 v.0.9.7 through v.5.8.6 and fixed in v.5.8.8 allows a local attacker to cause a denial of service via the grubsfsreadextent function...

Clojure Security Vulnerabilities

Clojure is a programming language open-sourced by Clojure. A security vulnerability exists in Clojure versions 1.20 through 1.12.0-alpha5. An attacker can exploit this vulnerability to cause a denial of service via the clojure.core$partial$fn5920 function...

CVE-2024-27088

es5-ext contains ECMAScript 5 extensions. Passing functions with very long names or complex default argument names into functioncopy or functiontoStringTokens may cause the script to stall. The vulnerability is patched in v0.10.63...

Abandoned Cart Lite for WooCommerce < 5.16.1 - Improper Authorization via wcal_delete_expired_used_coupon_code

Description The plugin is vulnerable to unauthorized access of data due to a missing capability check on the wcaldeleteexpiredusedcouponcode function. This makes it possible for unauthenticated attackers to preview emails, granted they are able to obtain a nonce via a separate vulnerability...

CVE-2023-52039

An issue discovered in TOTOLINK X6000R v9.4.0cu.852B20230719 allows attackers to run arbitrary commands via the sub415AA4 function...

Stack overflow

A vulnerability was found in Totolink LR1200GB 9.1.0u.6619B20230130. It has been declared as critical. This vulnerability affects the function setIpPortFilterRules of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument sPort leads to stack-based buffer overflow. The attack can be...

CVE-2023-6493

The Depicter Slider – Responsive Image Slider, Video Slider & Post Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.0.6. This is due to missing or incorrect nonce validation on the 'save' function. This makes it possible for...

CVE-2023-41119

An issue was discovered in EnterpriseDB Postgres Advanced Server EPAS before 11.21.32, 12.x before 12.16.20, 13.x before 13.12.16, 14.x before 14.9.0, and 15.x before 15.4.0. It contains the function dbmsaqmovetoexceptionqueue that may be used to elevate a user's privileges to superuser. This...