365 matches found
EUVD-2022-39194
Malicious code in bioql PyPI...
EUVD-2025-28597
Malicious code in bioql PyPI...
EUVD-2025-13616
Malicious code in bioql PyPI...
EUVD-2025-28379
Malicious code in bioql PyPI...
EUVD-2022-43431
Malicious code in bioql PyPI...
EUVD-2023-33337
Malicious code in bioql PyPI...
CVE-2025-10123
A vulnerability was determined in D-Link DIR-823X up to 250416. Affected by this vulnerability is the function sub415028 of the file /goform/setstaticleases. Executing manipulation of the argument Hostname can lead to command injection. The attack can be launched remotely. The exploit has been...
PT-2025-36565
Name of the Vulnerable Software and Affected Versions: D-Link DIR-823X versions up to 250416 Description: A vulnerability exists in D-Link DIR-823X routers that allows for remote command injection. The vulnerability is located in the sub 415028 function of the /goform/set static leases file...
CVE-2025-50976
IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2025-9603
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...
CVE-2025-9603 Telesquare TLR-2005KSH internet.cgi command injection
A vulnerability was determined in Telesquare TLR-2005KSH 1.2.4. The affected element is an unknown function of the file /cgi-bin/internet.cgi?Command=lanCfg. Executing manipulation of the argument Hostname can lead to command injection. The attack may be performed from a remote location. The...
Telesquare TLR-2005Ksh 安全漏洞
The Telesquare TLR-2005Ksh is a wireless router from the South Korean company Telesquare. A security vulnerability exists in Telesquare TLR-2005Ksh version 1.2.4, which originates from a command injection attack due to misuse of the parameter Hostname in the file /cgi-bin/internet.cgi...
CVE-2025-50976
IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2025-50976
IPFire 2.29 DNS management interface dns.cgi fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLSHOSTNAME query parameters, resulting in a reflected cross-site scripting XSS vulnerability...
CVE-2025-50976
IPFire 2.29 DNS management interface (dns.cgi) is affected by a reflected XSS due to insufficient sanitization of user input in the NAMESERVER, REMARK, and TLS_HOSTNAME query parameters. The root cause is improper input handling in dns.cgi, enabling reflected XSS payloads. Documented impact is li...
PT-2025-34800 · Ipfire · Ipfire
Name of the Vulnerable Software and Affected Versions: IPFire version 2.29 Description: The DNS management interface dns.cgi in IPFire fails to properly sanitize user-supplied input in the NAMESERVER, REMARK, and TLS HOSTNAME query parameters. This results in a reflected cross-site scripting XSS...
TOTOLINK A3002R hostname parameter buffer overflow vulnerability
The TOTOLINK A3002R is a wireless router manufactured by China's Gion Electronics TOTOLINK, whose main function is to provide wireless network connectivity for home or small office environments. The TOTOLINK A3002R suffers from a buffer overflow vulnerability that originates in the hostname...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...
CVE-2025-55587
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow in the hostname parameter at /boafrm/formMapDelDevice. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted input...