CVE-2022-45712

IP-COM M50 V15.11.0.3310768 was discovered to contain a buffer overflow via the rules parameter in the formAddDnsForward function...

CVE-2022-29392

TOTOLINK N600R V4.3.0cu.7647B20210106 was discovered to contain a stack overflow via the comment parameter in the function FUN00418c24...

CVE-2022-29395

TOTOLINK N600R V4.3.0cu.7647B20210106 was discovered to contain a stack overflow via the apcliKey parameter in the function FUN0041bac4...

CVE-2021-29532

TensorFlow is an end-to-end open source platform for machine learning. An attacker can force accesses outside the bounds of heap allocated arrays by passing in invalid tensor values to tf.rawops.RaggedCross. This is because the...

CVE-2021-39561

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function Gfx::opSetFillColorN located in Gfx.cc. It allows an attacker to cause code Execution...

CVE-2021-45297

An infinite loop vulnerability exists in Gpac 1.0.1 in gfgetbitsize...

CVE-2021-21813

Within the function HandleFileArg the argument filepattern is under control of the user who passes it in from the command line. filepattern is passed directly to memcpy copying the path provided by the user into a staticly sized buffer without any length checks resulting in a stack-buffer overflo...

CVE-2020-23151

rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped...

CVE-2025-44888

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the stpconfname parameter in the webstpglobalSettingpost function...

CVE-2025-45835

A null pointer dereference vulnerability was discovered in Netis WF2880 v2.1.40207. The vulnerability exists in the FUN004904c8 function of the cgitest.cgi file. Attackers can trigger this vulnerability by controlling the environment variable value CONTENTLENGTH, causing the program to crash and...

CVE-2025-45513

Tenda FH451 V1.0.0.9 has a stack overflow vulnerability in the function.P2pListFilter...

CVE-2025-3453

The Password Protected – Password Protect your WordPress Site, Pages, & WooCommerce Products – Restrict Content, Protect WooCommerce Category and more plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.7 via the 'passwordprotectedcookie'...

CVE-2025-46420 Libsoup: memory leak on soup_header_parse_quality_list() via soup-headers.c

A flaw was found in libsoup. It is vulnerable to memory leaks in the soupheaderparsequalitylist function when parsing a quality list that contains elements with all zeroes...

The vulnerability of the nh_create_ipv6() function in the net/ipv4/nexthop.c module of the Linux operating system’s IPv4 kernel implementation allows a attacker to cause a service failure.

The vulnerability of the nhcreateipv6 function in the net/ipv4/nexthop.c module of the Linux operating system’s IPv4 kernel implementation is related to the use of the NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

CVE-2025-3407

A vulnerability was found in Nothings stb up to f056911. It has been declared as critical. Affected by this vulnerability is the function stbhwbuildtilesetfromimage. The manipulation of the argument hcount/vcount leads to out-of-bounds read. The attack can be launched remotely. This product takes...

CVE-2025-29087

In SQLite 3.44.0 through 3.49.0 before 3.49.1, the concatws SQL function can cause memory to be written beyond the end of a malloc-allocated buffer. If the separator argument is attacker-controlled and has a large string e.g., 2MB or more, an integer overflow occurs in calculating the size of the...

The vulnerability of the !defined() function (kernel/sched/core.c) in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the !defined function in the Linux kernel/sched/core.c file is related to the execution of a loop with an unreachable exit condition. Exploiting this vulnerability could allow an attacker to cause a service failure...

pgAdmin 安全漏洞

pgAdmin is pgAdmin open source an open source management and development platform for the open source database PostgreSQL. A security vulnerability exists in pgAdmin versions prior to 4 9.2 that stems from insecurely passing parameters to the eval function, which could lead to remote code executi...

CVE-2023-52987

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-mtrace: prevent underflow in sofipc4prioritymaskdfswrite The "id" comes from the user. Change the type to unsigned to prevent an array underflow...

CVE-2025-29488

libming v0.4.8 was discovered to contain a memory leak via the parseSWFINITACTION function...