1775 matches found
G Auto-Hyperlink <= 1.0.1 - SQL Injection
The G Auto-Hyperlink WordPress plugin through 1.0.1 does not sanitise or escape an 'id' GET parameter before using it in a SQL statement, to select data to be displayed in the admin dashboard, leading to an authenticated SQL injection id: CVE-2021-24627 info: name: G Auto-Hyperlink = 1.0.1 - SQL...
EUVD-2026-42504
An issue in Generic OEM UZ801v2.1 4G LTE Router V3.4.3 allows a remote attacker to execute arbitrary code via the /ajax web management API endpoint in MifiService.apk...
CVE-2026-14721 UTT HiPER 1250GW Web Endpoint ConfigWirelessBase_5g stack-based overflow
A vulnerability has been found in UTT HiPER 1250GW up to 3.2.7-210907-180535. This affects an unknown function of the file /goform/ConfigWirelessBase5g of the component Web Endpoint. The manipulation of the argument ssid leads to stack-based buffer overflow. The attack is possible to be carried o...
MINI-V68C-V447-GPVC
Bulletin has no description...
SUSE CVE-2026-55577
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to versions 6.9.13-51 and 7.1.2-26, a heap buffer overflow occurs in the MVG decoder that could result in an out of bounds write when processing a crafted image. This issue has been fixed in...
GHSA-3PP7-M8F5-89GX vulnerabilities
Vulnerabilities for packages: firefox, firefox-esr...
Linux Distros Unpatched Vulnerability : CVE-2026-58014
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty...
EUVD-2026-40316
A flaw was found in GLib. An off-by-one error can occur in the gkeyfilegetlocalestringlist function in the gkeyfile.c file when loading a key file with an empty value. This flaw can cause an out-of-bounds access of 1 byte or a denial of service when the out-of-bounds access crosses a page boundar...
CVE-2025-2902
Improper Authorization Vulnerability of Maintenance Utility in Hitachi Virtual Storage Platform. This issue affects Hitachi Virtual Storage Platform E390, E590, E790, E990, E1090, E390H, E590H, E790H, E1090H: before DKCMAIN Ver. 93-07-26-xx/00, GUM Ver. 93-07-26/00; Hitachi Virtual Storage Platfo...
CVE-2026-13517 Tenda JD12L WifiBasicSet formWifiBasicSet stack-based overflow
A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security5g can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publishe...
EUVD-2026-40014
A flaw has been found in Tenda JD12L 16.03.53.23. The impacted element is the function formWifiBasicSet of the file /goform/WifiBasicSet. Executing a manipulation of the argument security5g can lead to stack-based buffer overflow. The attack may be launched remotely. The exploit has been publishe...
GHSA-W879-237Q-WC7R vulnerabilities
Vulnerabilities for packages: aactl, k9s, tflint, gitlab-kas, neuvector-sigstore-interface, syft, kubescape, kubernetes-dashboard, minio, buildah, podman, eksctl, knative-serving, pulumi-language-dotnet, caddy, flux-kustomize-controller, istio, dagger, k8sgpt, nuclei, rancher-agent,...
MINI-GQRM-PMG6-6V5G
Bulletin has no description...
UBUNTU-CVE-2026-56788
RTKLIB through 2.4.3 contains an out-of-bounds read vulnerability in getcodepri function when processing unrecognized RINEX observation codes, allowing attackers to trigger denial of service. Crafted RINEX files with unknown observation types cause negative array indexing into the codepris table,...
CVE-2026-56111
Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESHBEDLEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices. Attackers can send a single...
CVE-2026-56111
Marlin Firmware 2.1.2.7 with MESH_BED_LEVELING enabled is affected. The vulnerability is an out-of-bounds write in the M421 G-code handler that allows an attacker-controlled 32-bit float value to be written past the z_values array bounds by providing crafted X/Y grid indices. This can corrupt adj...
CVE-2026-56111 Marlin Firmware 2.1.2.7 Out-of-Bounds Write via M421 G-code Handler
Marlin Firmware through 2.1.2.7, fixed in commit 1f255d1, when built with MESHBEDLEVELING enabled, contains an out-of-bounds write vulnerability in the M421 G-code handler that allows attackers to corrupt firmware memory by supplying out-of-range X and Y grid indices. Attackers can send a single...
MINI-6MGR-V25C-G9MM
Bulletin has no description...
MINI-8G92-52FW-22QP
Bulletin has no description...
CVE-2026-36605
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 is vulnerable to a HTTP denial of service via a low number of crafted incomplete HTTP requests, causing a persistent crash that requires physical power cycling to recover...