The vulnerability of the Libarchive library in the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the Libarchive library in the Windows operating system is related to insufficient validation of input data. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)

Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...

The vulnerability of the System Management Mode (SMM) implementation of AMD microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the System Management Mode SMM implementation of AMD microprogramming software is related to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

EulerOS 2.0 SP11 : libtiff (EulerOS-SA-2023-2652)

According to the versions of the libtiff package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A NULL pointer dereference flaw was found in Libtiff's LZWDecode function in the libtiff/tiflzw.c file. This flaw allows a local attacker to cra...

CVE-2023-0437 MongoDB client C Driver may infinitely loop when validating certain BSON input data

When calling bsonutf8validate on some inputs a loop with an exit condition that cannot be reached may occur, i.e. an infinite loop. This issue affects All MongoDB C Driver versions prior to versions 1.25.0...

Totolink NR1800X Buffer Overflow Vulnerability

TOTOLINK NR1800X is an outstanding 5G NR indoor Wi-Fi and SIP CPE from China's TOTOLINK. designed to provide fast and easy deployment of NR fixed data services in homes and offices. The Totolink NR1800X version 9.1.0u.6279B20210910 suffers from a buffer overflow vulnerability, which originates fr...

Tenda A18 Buffer Overflow Vulnerability

Tenda A18 is an AC1200 dual-band Wi-Fi repeater from China's Tenda. A buffer overflow vulnerability exists in Tenda A18 version v15.13.07.09, which originates from the devName parameter in the formSetDeviceName function failing to correctly validate the length of the input data, and can be...

TOTOLINK N350RT Buffer Overflow Vulnerability

The TOTOLINK N350RT is a small home router from China's Gion Electronics TOTOLINK. The TOTOLINK N350RT suffers from a buffer overflow vulnerability, which originates from the parameter v33 of the function main in /cgi-bin/cstecgi.cgi?action=login&flag=1 that fails to correctly validate the length...

JFinalCMS 安全漏洞

JFinalCMS is a content management system. A cross-site scripting vulnerability exists in JFinalcms version 5.0.0, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to run arbitrary code when creating a new custom...

The vulnerability of the icmpping function in the universal monitoring system Zabbix allows a intruder to execute arbitrary code.

The vulnerability of the icmpping function in the Zabbix universal monitoring system is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

Tenda i29 sysScheduleRebootSet method buffer overflow vulnerability

The Tenda i29 is a wireless router from the Chinese company Tenda. The Tenda i29 suffers from a buffer overflow vulnerability that originates from the rebootTime parameter of the sysScheduleRebootSet method failing to correctly validate the length of the input data, which can be exploited by a...

Tenda i29 spdtstConfigAndStart method buffer overflow vulnerability

The Tenda i29 is a wireless router from the Chinese company Tenda. The Tenda i29 suffers from a buffer overflow vulnerability that originates from the ip parameter of the spdtstConfigAndStart method failing to properly validate the length and size of the input data, which can be exploited by a...

The vulnerability of 5G MediaTek wireless communication modules, related to insufficient validation of input data, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules by MediaTek is related to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

The vulnerabilities of HCI (Host Controller Interface) and SCI interfaces, which operate according to the IEC 60870-5-104 standard, and are found in Hitachi Energy RTU500 programmable logic controllers, allow a perpetrator to trigger a service failure.

The vulnerabilities of HCI Host Controller Interface and SCI interfaces, which operate according to the IEC 60870-5-104 standard, in Hitachi Energy RTU500 programmable logic controllers, are related to insufficient verification of input data. Exploiting these vulnerabilities can allow an attacker...

Tenda AX9 /goform/setMacFilterCfg Interface Buffer Overflow Vulnerability

Tenda AX9 is a Wi-Fi 6 router from Tenda China. A buffer overflow vulnerability exists in Tenda AX9 version V22.03.01.46, which is caused by the "deviceList" parameter of /goform/setMacFilterCfg not properly validating the length of the input data. could be exploited by a remote attacker to execu...

The vulnerability of the microprogrammed protection software of the SCHWEitzer Engineering Laboratories SEL-411L phase-change relay arises due to insufficient verification of input data. This vulnerability allows a perpetrator to disclose the protected information.

The vulnerability of the microprogrammed protection software of the Schweitzer Engineering Laboratories SEL-411L phase-change relay exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker, operating remotely, to disclose the protected information...

The vulnerability of the microprogrammed protection system for the SEL-451 phase-change relay exists due to insufficient verification of input data. This allows a perpetrator to trigger a malfunction and lock out arbitrary services.

The vulnerability of the microprogrammed protection system for the SEL-451 phase-change relay exists due to insufficient checking of input data. Exploiting this vulnerability can allow an attacker to cause malfunctions and lock out arbitrary services...

The vulnerability of the distributed file system of the Windows operating system, allowing a hacker to execute arbitrary code

The vulnerability of the distributed file system in the Windows operating system is related to insufficient checking of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

The vulnerability of the Python programming language implementation in the IBM AIX operating system allows a perpetrator to trigger a service failure.

The vulnerability of the Python programming language implementation in the IBM AIX operating system exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

The vulnerability of the ated_tp microprogramming software for TP-Link TL-WR841N routers allows a hacker to execute arbitrary code.

The vulnerability of TP-Link TL-WR841N router’s atedtp microprogramming system exists due to insufficient verification of input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...