365 matches found
EUVD-2025-28597
Malicious code in bioql PyPI...
EUVD-2025-13616
Malicious code in bioql PyPI...
EUVD-2025-28379
Malicious code in bioql PyPI...
EUVD-2022-43431
Malicious code in bioql PyPI...
EUVD-2023-33337
Malicious code in bioql PyPI...
EUVD-2023-41065
Malicious code in bioql PyPI...
CVE-2025-10123
A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...
PT-2025-36565
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823X versions up to 250416 Description: A vulnerability exists in D-Link DIR-823X routers that allows for remote command injection. The vulnerability is located in the sub 415028 function of the /goform/set static leases file...
CVE-2025-50976
IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2025-9603
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...
CVE-2025-9603 Telesquare TLR-2005KSH internet.cgi command injection
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...
Telesquare TLR-2005Ksh 安全漏洞
The Telesquare TLR-2005Ksh is a wireless router from the South Korean company Telesquare. A security vulnerability exists in Telesquare TLR-2005Ksh version 1.2.4, which originates from a command injection attack due to misuse of the parameter Hostname in the file /cgi-bin/internet.cgi...
CVE-2025-50976
IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2025-50976
IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...
PT-2025-34800 · Ipfire · Ipfire
Name of the Vulnerable Software and Affected Versions: IPFire version 2.29 Description: The DNS management interface dns.cgi in IPFire fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS HOSTNAME query parameters. This results in a reflected cross-site scripting XSS...
CVE-2025-50976
IPFire 2.29 DNS management interface (dns.cgi) is affected by a reflected XSS due to insufficient sanitization of user input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters. The root cause is improper input handling in dns.cgi, enabling reflected XSS payloads. Documented impact is li...
TOTOLINK A3002R hostname parameter buffer overflow vulnerability
The TOTOLINK A3002R is a wireless router manufactured by China's Gion Electronics TOTOLINK, whose main function is to provide wireless network connectivity for home or small office environments. The TOTOLINK A3002R suffers from a buffer overflow vulnerability that originates in the hostname...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...