18 matches found

Microsoft CVE
added 2026/06/13 8:2 a.m., 8 views

AES-OCB IV Ignored on EVP_Cipher() Path

...

7.5 CVSS, 5.8 AI score, 0.0032 EPSS
Exploits: 0

CNNVD
added 2026/05/25 12:0 a.m., 7 views

Edimax BR-6675nD Command Injection Vulnerability

Edimax BR-6675nD is a dual-band broadband wireless router from China Xunzhou Edimax. A command injection vulnerability exists in Edimax BR-6675nD version 1.12, which originates from the operation of the function stainfo on the parameter interface in the file /goform/stainfo, which could lead to...

6.5 CVSS, 6.6 AI score, 0.01158 EPSS
Exploits: 0, References: 4

OSV
added 2026/03/20 5:25 p.m., 1 views

GHSA-MR3J-P26X-72X4 Vikunja has an IDOR in Task Comments Allows Reading Arbitrary Comments

An authenticated user can read any task comment by ID, regardless of whether they have access to the task the comment belongs to, by substituting the task ID in the API URL with a task they do have access to. Details The GET /api/v1/tasks/taskID/comments/commentID endpoint performs an authorizati...

5.3 CVSS, 5.8 AI score, 0.00254 EPSS
Exploits: 0, References: 5

CNNVD
added 2026/03/16 12:0 a.m., 5 views

AnythingLLM Security Vulnerability

AnythingLLM is an all-in-one AI application open-sourced by Mintplex. AnythingLLM suffers from a security vulnerability that stems from a suspended user not being blocked on the browser extension API key path in multi-user mode, which can be exploited by an attacker to cause the suspended user to...

2.7 CVSS, 5.8 AI score, 0.00231 EPSS
Exploits: 1, References: 2

Packet Storm News
added 2026/01/02 12:0 a.m., 4 views

Vatilon-based IP Cameras Authentication Bypass / Credential Exposure

Vatilon-based IP camera firmware contains an authentication bypass and plaintext credential exposure vulnerability in the /cgi-bin/web.cgi API. The web interface processes requests containing username and password parameters in plaintext without validating authentication state or session context,...

7.1 AI score, 0.00271 EPSS
Exploits: 2

Cvelist
added 2025/12/04 11:48 a.m., 22 views

CVE-2025-41080 Multiple vulnerabilities in Seafile

A stored Cross-Site Scripting (XSS) vulnerability has been found in Seafile v12.0.10. This vulnerability allows an attacker to execute arbitrary code in the victim's browser by storing malicious payloads with POST parameter 'p' in '/api/v2.1/repos/repoid/file/'...

5.1 CVSS, 0.00161 EPSS
Exploits: 0, References: 1

CNNVD
added 2025/10/09 12:0 a.m., 3 views

D-Link Nuclias Connect Security Vulnerability

D-Link Nuclias Connect is a network management software from D-Link for centralized management of wireless access points (APs), supporting multi-device remote control and reporting capabilities. A directory traversal vulnerability exists in D-Link Nuclias Connect, which stems from improper cleanup ...

7.2 CVSS, 6.9 AI score, 0.00606 EPSS
Exploits: 0, References: 3

CVE
added 2025/10/05 7:32 a.m., 10 views

CVE-2025-11288

The CRMEB CVE-2025-11288 issue affects CRMEB versions up to 5.6 (and is described as affecting versions prior to 5.7 by PT-Security) in GET Parameter Handler for /adminapi/product/product. Manipulation of the cate_id argument enables SQL injection with remote exploitation possible and an exploit ...

8.8 CVSS, 6.2 AI score, 0.00299 EPSS
Exploits: 0, References: 4, Affected Software: 1

ATTACKERKB
added 2025/09/25 1:2 p.m., 2 views

CVE-2025-10947

A flaw has been found in Sistemas Pleno Gestão de Locação up to 2025.7.x. The impacted element is an unknown function of the file /api/areacliente/pessoa/validarCpf of the component CPF Handler. Executing a manipulation of the argument pescpf can lead to authorization bypass. The attack can be...

6.9 CVSS, 5.6 AI score, 0.00365 EPSS
Exploits: 0, References: 5, Affected Software: 1

CNNVD
added 2025/07/29 12:0 a.m., 1 views

TP-Link TL-WR841N Security Vulnerability

The TP-LINK TL-WR841N is a wireless router from China P&L TP-LINK. A security vulnerability exists in the TP-LINK TL-WR841N V11 version, which originates from insufficient validation of input parameters in the /userRpm/WlanNetworkRpm.htm file, which could result in a buffer overflow and denial of...

7.5 CVSS, 6.1 AI score, 0.00297 EPSS
Exploits: 0, References: 1

Cvelist
added 2025/07/07 5:47 p.m., 7 views

CVE-2025-20320 Denial of Service (DoS) through “User Interface - Views” configuration page in Splunk Enterprise

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7 and 9.1.10, and Splunk Cloud Platform versions below 9.3.2411.107, 9.3.2408.117, and 9.2.2406.121, a low-privileged user that does not hold the "admin" or "power" Splunk roles could craft a malicious payload through the User Interface - View...

6.3 CVSS, 0.00367 EPSS
Exploits: 0, References: 1

OSV
added 2025/05/27 4:15 a.m., 4 views

CVE-2025-48827

vBulletin 5.0.0 through 5.7.5 and 6.0.0 through 6.0.3 allows unauthenticated users to invoke protected API controllers' methods when running on PHP 8.1 or later, as demonstrated by the /api.php?method=protectedMethod pattern, as exploited in the wild in May 2025...

9.8 CVSS, 5.8 AI score, 0.69649 EPSS
Exploits: 4, References: 3

RedhatCVE
added 2025/05/23 8:17 a.m., 2 views

CVE-2024-36442

cgi-bin/fdmcgiwebv2.cgi on Swissphone DiCal-RED 4009 devices allows an authenticated attacker to gain access to arbitrary files on the device's file system...

8.8 CVSS, 6 AI score, 0.00737 EPSS
Exploits: 1, References: 1

CNNVD
added 2025/05/18 12:0 a.m., 5 views

TOTOLINK N300RH Injection Vulnerability

TOTOLINK N300RH is a long range wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK N300RH suffers from a command injection vulnerability that stems from the parameter FileName in the file /cgi-bin/cstecgi.cgi failing to properly filter constructed command special characters,...

9.8 CVSS, 7.5 AI score, 0.01638 EPSS
Exploits: 0, References: 7

CNNVD
added 2024/03/13 12:0 a.m., 3 views

Movistar 4G router OS Command Injection Vulnerability

Movistar 4G router is a series of routers from Movistar Spain. The Movistar 4G router ESWLD71-T1v2.0.201820 firmware version has an operating system command injection vulnerability that originates from allowing authenticated users to execute commands within the router by sending a POST request to...

7.8 CVSS, 7.8 AI score, 0.00739 EPSS
Exploits: 0, References: 2

CNVD
added 2024/01/30 12:0 a.m., 5 views

TOTOLINK N200RE command parameter buffer overflow vulnerability

The TOTOLINK N200RE is a wireless router for the SOHO market. The TOTOLINK N200RE suffers from a buffer overflow vulnerability that originates from a stack-based buffer overflow in the command parameter of the setDiagnosisCfg function of /cgi-bin/cstecgi.cgi. No detailed vulnerability details are...

8.8 CVSS, 7.5 AI score, 0.0125 EPSS
Exploits: 1, References: 1

ATTACKERKB
added 2022/10/06 6:16 p.m., 3 views

CVE-2022-41518

TOTOLINK NR1800X V9.1.0u.6279B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi...

9.8 CVSS, 7.3 AI score, 0.01834 EPSS
Exploits: 1, References: 2

RedHat Linux
added 2016/03/08 10:53 p.m., 5 views

RabbitMQ: /api/... XSS vulnerability

A cross-site scripting vulnerability was discovered in RabbitMQ, which allowed using api/ path info to inject and receive data. A remote attacker could use this flaw to create an "/api/..." URL, forcing a server error that resulted in the server returning an HTML page with embedded text from the...

4.3 CVSS, 5.7 AI score, 0.02313 EPSS
Exploits: 0, References: 4