CVE-2026-8779

A vulnerability was determined in omec-project amf up to 2.1.3-dev. Impacted is the function NGSetupRequest of the file ngap/handler.go. Executing a manipulation of the argument InformationElement can lead to memory corruption. The attack can be launched remotely. The exploit has been publicly...

PT-2025-53668

Name of the Vulnerable Software and Affected Versions omec-project UPF versions up to 2.1.3-dev Description A flaw exists in omec-project UPF that may allow for remote exploitation. The issue resides in the handleSessionEstablishmentRequest function within the /pfcpiface/pfcpiface/messages...

CVE-2025-12070

The ViaAds plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.1.2. This is due to missing nonce validation on the ViaAdspluginHandler function. This makes it possible for unauthenticated attackers to modify the plugin's API key and cookie...

PT-2025-23436 · Unknown · Mist Community Edition

Name of the Vulnerable Software and Affected Versions: Mist Community Edition versions up to 4.7.1 Description: A critical issue has been found, affecting the create token function of the API Token Handler component. This leads to improper access controls, allowing remote attacks. The issue has...

CVE-2023-6613

A vulnerability classified as problematic has been found in Typecho 1.2.1. Affected is an unknown function of the file /admin/options-theme.php of the component Logo Handler. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclos...

CVE-2022-39847

Use after free vulnerability in setnftpid and signalhandler function of NFC driver prior to SMR Oct-2022 Release 1 allows attackers to perform malicious actions...

CVE-2021-46896

Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332...

CVE-2025-2148 PyTorch Tuple torch.ops.profiler._call_end_callbacks_on_jit_fut memory corruption

A vulnerability was found in PyTorch 2.6.0+cu124. It has been declared as critical. Affected by this vulnerability is the function torch.ops.profiler.callendcallbacksonjitfut of the component Tuple Handler. The manipulation of the argument None leads to memory corruption. The attack can be launch...

CVE-2024-8682

CVE-2024-8682 affects JNews theme for WordPress (versions up to and including 11.6.6). The vulnerability allows unauthenticated users to register as site users because register_handler() does not adequately validate if user registration is enabled before creating a user. Impact is unauthorized us...

CVE-2025-25632

Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform/telnet...

CVE-2024-42947

An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 408 allows attackers to execute arbitrary commands via a crafted HTTP request...

CVE-2024-42978

CVE-2024-42978 affects the Tenda FH1206 router (version v02.03.01.35). The vulnerability lies in the handler function for /goform/telnet, where insufficient input sanitization allows remote attackers to execute arbitrary commands via a crafted HTTP request. CVSS v3.1 base score 9.8 (CRITICAL) wit...

CVE-2024-42978

An issue in the handler function in /goform/telnet of Tenda FH1206 v02.03.01.35 allows attackers to execute arbitrary commands via a crafted HTTP request...

CVE-2023-51091

Tenda M3 V1.0.0.124856 was discovered to contain a stack overflow via the function R7WebsSecurityHandler...

Tenda W30E Handler Function Command Execution Vulnerability

The Tenda W30E is a router from the Chinese company Tenda. A command execution vulnerability exists in Tenda W30E version V16.01.0.124843, which originates from the handler function of /goform/telnet failing to correctly filter construct command special characters, commands, etc. The vulnerabilit...

Buffer overflow

A buffer overflow vulnerability exists in the httpd nextpage functionality of Yifan YF325 v1.020221108. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger this vulnerability.This buffer overflow is in the nextpage parameter in the...

Buffer overflow

Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332...

PX4 Drone Autopilot 安全漏洞

PX4 Drone Autopilot is a PX4 Drone Autopilot for Drones open source. A security vulnerability exists in PX4 Drone Autopilot that stems from the presence of a buffer overflow vulnerability that allows an attacker to cause a denial of service via a handler function...

PT-2023-12616 · Unknown · Px4-Autopilot

Name of the Vulnerable Software and Affected Versions: PX4-Autopilot affected versions not specified Description: The issue allows attackers to cause a denial of service via a handler function handling msgid 332. This is related to a Buffer Overflow vulnerability. Recommendations: At the moment,...

CVE-2021-46896

Buffer Overflow vulnerability in PX4-Autopilot allows attackers to cause a denial of service via handler function handling msgid 332...