55 matches found
Giga Messenger WordPress - Cross-Site Scripting
Giga Messenger WordPress plugin = 2.3.1 contains a reflected cross-site scripting caused by lack of sanitization and escaping of a parameter before outputting it in the page, letting attackers execute malicious scripts in the context of high privilege users, exploit requires attacker to craft a...
Malicious code in lobaic-gib-giga (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 768445c5a75505d80e82f45ead562c007e3083a6e9c43e71df29fc1e0cc14cdc This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
EUVD-2025-137666
Malicious code in polymer-giga-agka npm...
EUVD-2014-7586
Malware in sbrugna...
EUVD-2024-51533
Malicious code in bioql PyPI...
EUVD-2025-29104
Malicious code in bioql PyPI...
EUVD-2025-29113
Malicious code in bioql PyPI...
EUVD-2025-27475
Malicious code in bioql PyPI...
EUVD-2025-27501
Malicious code in bioql PyPI...
CVE-2025-10392
A vulnerability was detected in Mercury KM08-708H GiGA WiFi Wave2 1.1.14. This affects an unknown function of the component HTTP Header Handler. The manipulation of the argument Host results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be...
CVE-2025-10392 Mercury KM08-708H GiGA WiFi Wave2 HTTP Header stack-based overflow
A vulnerability was detected in Mercury KM08-708H GiGA WiFi Wave2 1.1.14. This affects an unknown function of the component HTTP Header Handler. The manipulation of the argument Host results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be...
CVE-2025-10392
The CVE-2025-10392 entry concerns Mercury KM08-708H GiGA WiFi Wave2 1.1.14. Affects the HTTP Header Handler component, where manipulating the Host argument causes a stack-based buffer overflow. The vulnerability is exploitable remotely, with exploit code publicly available. Documents indicate a C...
CVE-2025-10392 Mercury KM08-708H GiGA WiFi Wave2 HTTP Header stack-based overflow
A vulnerability was detected in Mercury KM08-708H GiGA WiFi Wave2 1.1.14. This affects an unknown function of the component HTTP Header Handler. The manipulation of the argument Host results in stack-based buffer overflow. The attack can be executed remotely. The exploit is now public and may be...
CVE-2025-10385
The CVE-2025-10385 entry concerns Mercury KM08-708H GiGA WiFi Wave2 (version 1.1). Affected code is the function sub_450B2C in /goform/mcr_setSysAdm; manipulating the ChgUserId argument causes a buffer overflow. The issue is exploitable remotely and has public PoC/exploits. Reported impact indica...
CVE-2025-10385 Mercury KM08-708H GiGA WiFi Wave2 mcr_setSysAdm sub_450B2C buffer overflow
A vulnerability has been found in Mercury KM08-708H GiGA WiFi Wave2 1.1. Affected by this issue is the function sub450B2C of the file /goform/mcrsetSysAdm. The manipulation of the argument ChgUserId leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been...
Mercury KM08-708H GiGA WiFi Wave2 安全漏洞
Mercury KM08-708H GiGA WiFi Wave2 is a wireless router from Mercury China. A security vulnerability exists in Mercury KM08-708H GiGA WiFi Wave2 version 1.1, which originates from an incorrect operation of the function sub450B2C in the parameter ChgUserId in the file /goform/mcrsetSysAdm, which...
Mercury KM08-708H GiGA WiFi Wave2 安全漏洞
Mercury KM08-708H GiGA WiFi Wave2 is a wireless router from Mercury China. A security vulnerability exists in Mercury KM08-708H GiGA WiFi Wave2 version 1.1.14, which originates from a stack buffer overflow in the HTTP Header Handler component's operation on the parameter Host, which could lead to...
PT-2025-37395
Name of the Vulnerable Software and Affected Versions: Mercury KM08-708H GiGA WiFi Wave2 version 1.1 Description: A buffer overflow issue exists in the sub 450B2C function of the /goform/mcr setSysAdm file. The vulnerability is triggered by manipulating the ChgUserId argument, allowing for remote...
CVE-2025-54083
Insecure Storage of Sensitive Information vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows admin access to the web interface.This issue affects GigaCenter ONT: 844E, 844G, 844GE, 854GE...
CVE-2025-54084 Calix Gigacenter ONT - Command Injection
OS Command 'OS Command Injection' vulnerability in Calix GigaCenter ONT Quantenna SoC modules allows authenticated attackers with 'super' user credentials to execute arbitrary OS commands through improper input validation, potentially leading to full system compromise.This issue affects GigaCente...