CVE-2026-7069 D-Link DIR-825 miniupnpd upnpsoap.c AddPortMapping buffer overflow

A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within...

CVE-2026-7069

CVE-2026-7069 affects D-Link DIR-825 (up to firmware 3.00b32) via the miniupnpd file and its AddPortMapping function in upnpsoap.c. A buffer overflow is triggered by manipulating the NewPortMappingDescription argument, with the attack executable over the local network. Public exploit activity is ...

CVE-2026-7069 D-Link DIR-825 miniupnpd upnpsoap.c AddPortMapping buffer overflow

A security flaw has been discovered in D-Link DIR-825 up to 3.00b32. This impacts the function AddPortMapping of the file upnpsoap.c of the component miniupnpd. Performing a manipulation of the argument NewPortMappingDescription results in buffer overflow. The attack needs to be approached within...

D-Link DIR-825 缓冲区错误漏洞

The D-Link DIR-825 is a router produced by D-Link Corporation. Versions of the D-Link DIR-825 prior to 3.00b32 contained a buffer error vulnerability. This vulnerability stemmed from the AddPortMapping function in the upnpsoap.c file of the miniupnpd component, where the operation on the paramete...

Toonflow 代码问题漏洞

Toonflow is an AI short story production platform developed by HBAI-Ltd. Versions of Toonflow prior to 1.1.1 contained code vulnerabilities. These vulnerabilities stemmed from improper handling of parameters Link in the fetch function of the src/routes/setting/vendorConfig/getCodeByLink.ts file i...

python3.11 security update

3.11.13-5.3.0.1 - Remove upstream URL reference Orabug: 36073032 3.11.13-5.3 - Security fixes for CVE-2026-4786, CVE-2026-6100 Resolves: RHEL-167913, RHEL-168155...

D-Link DIR-822 注入漏洞

The D-Link DIR-822 is a wireless router produced by D-Link Corporation. The D-Link DIR-822 A101 version has a vulnerability related to command injection. This vulnerability stems from the handling of the parameter “Hostname” in the system function of the udhcpd DHCP service, located in the...

UERANSIM 安全漏洞

UERANSIM is an open-source advanced 5G UE and RAN gNodeB simulator developed by Ali Güngör of Turkey. Versions of UERANSIM 3.2.7 and earlier contained security vulnerabilities. These vulnerabilities stemmed from improper handling of the parameter pdulength in the Radio Link Simulation Layer...

CVE-2026-30346

An open redirect in the /api/google/authorize endpoint of hunvreus DevPush v0.3.2 allows attackers to redirect users to malicious sites via supplying a crafted URL...

PT-2026-35644

A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be use...

EUVD-2026-25739

A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBDprocess of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used...

CVE-2026-7068 D-Link DIR-825 nmbd sserver.c NMBD_process buffer overflow

A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBDprocess of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used...

CVE-2026-7068

A vulnerability was identified in D-Link DIR-825 3.00b32. This affects the function NMBDprocess of the file sserver.c of the component nmbd. Such manipulation leads to buffer overflow. The attack can only be initiated within the local network. The exploit is publicly available and might be used...

CVE-2026-7068

CVE-2026-7068 affects D-Link DIR-825 (firmware 3.00b32) in the nmbd component, specifically NMBD_process in sserver.c, causing a buffer overflow. Impacted action is local-network based, with confidentiality/integrity/availability rated high by CVSS data; exploit maturity noted as PROOF-OF-CONCEPT...

CVE-2026-7067 D-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injection

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

EUVD-2026-25737

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-7067 D-Link DIR-822 udhcpd DHCP Service dhcpd.c system command injection

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

CVE-2026-7067

CVE-2026-7067 refers to a command injection in D-Link DIR-822 A_101’s udhcpd DHCP Service (file /udhcpcd/dhcpd.c, function system). The vulnerability stems from manipulating the Hostname argument, enabling remote code execution. Exploitation is possible over the network, with a publicly disclosed...

CVE-2026-7067

A vulnerability was determined in D-Link DIR-822 A101. The impacted element is the function system of the file /udhcpcd/dhcpd.c of the component udhcpd DHCP Service. This manipulation of the argument Hostname causes command injection. The attack can be initiated remotely. The exploit has been...

dbtr (>=0.3.0 <=0.3.6), dbtr-lt (=0.3.5) +1 more potentially affected by unknown CVE via elementary-data (>=0.15.1 <=0.24.0)

elementary-data PYPI version =0.15.1, =0.3.0, =0.1.2, =0.1.4 Source cves: unknown CVE Source advisory: SNYK:PYTHON-ELEMENTARYDATA-16316110...