21103 matches found
PT-2026-41721
Name of the Vulnerable Software and Affected Versions lwIP versions prior to 2.2.2 Description A stack-based buffer overflow exists in the snmpv3 USM Handler component. A remote attacker can trigger this issue by manipulating the msgAuthenticationParameters argument within the snmp parse inbound...
amf 缓冲区错误漏洞
AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain a buffer error vulnerability. This vulnerability stems from unknown functions in the ngap/dispatcher.go file within the NGAP Message Handler component, which can lea...
Edimax BR-6428nS 缓冲区错误漏洞
The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. The Edimax BR-6428NS v41.10 version has a buffer overflow vulnerability. This vulnerability stems from the function formPPTPSetup in the POST Request Handler component, which handles the parameter pptpUserName and results i...
amf 安全漏洞
AMF is an open-source library under the Apache License, developed by Free5GC. Versions of AMF such as 2.1.3-dev and earlier contain security vulnerabilities. These vulnerabilities stem from unknown functions in the NGAP Message Handler component, specifically in the file ngap/handler.go, which...
litemall 注入漏洞
Litemall is a small shopping system developed by Linlinjava’s individual developers. Versions of Litemall 1.8.0 and earlier had a injection vulnerability. This vulnerability stemmed from the function backup/load in the Database Setting Handler component’s file...
Edimax BR-6428nS 注入漏洞
The Edimax BR-6428nS is a wireless router produced by Edimax Corporation. The Edimax BR-6428NS v41.10 version has a vulnerability known as “injection flaw.” This flaw arises from the function formStaDrvSetup in the POST Request Handler component, which processes the parameter stadrvssid. This...
PT-2026-41633
A flaw has been found in projectworlds hospital-management-system-in-php 1.0. Affected by this vulnerability is the function getAllPatientDetail of the file update info.php of the component GET Parameter Handler. Executing a manipulation of the argument appointment no can lead to sql injection. T...
Edimax BR-6228NC 注入漏洞
The Edimax BR-6228NC is a wireless broadband router produced by Edimax Corporation. Version 1.22 of the Edimax BR-6228NC has a vulnerability known as “injection flaw.” This flaw arises from the function mp in the POST Request Handler component, which processes the command parameter. The improper...
Projectworlds Hospital Management System 注入漏洞
Projectworlds Hospital Management System is a hospital management system developed by the Austrian company Projectworlds. Version 1.0 of the Projectworlds Hospital Management System has a SQL injection vulnerability. This vulnerability arises from the function getAllPatientDetail in the GET...
CVE-2026-8769
A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...
CVE-2026-8769 vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption
A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...
CVE-2026-8769 vercel ai provider-utils response-handler.ts createJsonErrorResponseHandler resource consumption
A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...
CVE-2026-8769
A vulnerability was determined in vercel ai up to 3.0.97. The impacted element is the function createJsonResponseHandler/createJsonErrorResponseHandler of the file packages/provider-utils/src/response-handler.ts of the component provider-utils. This manipulation causes resource consumption. The...
CVE-2026-8766
A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILOCONFIGCONTENT can lead to information disclosure. It is...
CVE-2026-8766 Kilo-Org kilocode Environment Variable config.ts load information disclosure
A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILOCONFIGCONTENT can lead to information disclosure. It is...
CVE-2026-8766 Kilo-Org kilocode Environment Variable config.ts load information disclosure
A flaw has been found in Kilo-Org kilocode up to 7.0.47. This issue affects the function Load of the file packages/opencode/src/config/config.ts of the component Environment Variable Handler. Executing a manipulation of the argument KILOCONFIGCONTENT can lead to information disclosure. It is...
CVE-2026-8766
CVE-2026-8766 affects Kilo-Org kilocode
GHSA-F63H-WC26-PMVC AstrBot: File upload vulnerability in the function post_file of the file astrbot/dashboard/routes/chat.py
A vulnerability was detected in AstrBotDevs AstrBot up to 4.23.5. Impacted is the function postfile of the file astrbot/dashboard/routes/chat.py of the component File Upload Handler. The manipulation of the argument filename results in path traversal. It is possible to launch the attack remotely...
AstrBot: File upload vulnerability in the function post_file of the file astrbot/dashboard/routes/chat.py
A vulnerability was detected in AstrBotDevs AstrBot up to 4.23.5. Impacted is the function postfile of the file astrbot/dashboard/routes/chat.py of the component File Upload Handler. The manipulation of the argument filename results in path traversal. It is possible to launch the attack remotely...
CVE-2026-8757
A vulnerability was found in adenhq hive up to 0.11.0. This affects the function readeventstail of the file core/framework/server/routessessions.py of the component Delete Request Handler. Performing a manipulation results in path traversal. The attack may be initiated remotely. The exploit has...