8 matches found
PT-2026-20815
Comodo Dome Firewall 2.7.0 contains a reflected cross-site scripting vulnerability that allows attackers to inject malicious scripts by submitting unsanitized input through the NTP SERVER LIST parameter. Attackers can send POST requests to the /korugan/time endpoint with script payloads in the NT...
CVE-2026-2000
CVE-2026-2000 affects DCN DCME-320 Web Management Backend. The vulnerability is in apply_config() handling of the ip_list argument in /function/system/basic/bridge_cfg.php, where manipulation leads to command injection. It is remotely exploitable and exploits have been published. Public reports (...
Tenda AC21 安全漏洞
Tenda AC21 is a dual-band Gigabit wireless router launched by Tenda Technology, designed for home high-speed Internet needs, supporting 802.11acwave2 technology, dual-band concurrent rate up to 2033Mbps, of which the 5GHz band rate up to 1733Mbps, to meet the high-bandwidth applications, such as ...
GHSA-WQ2G-R956-J8CC pg8000 SQL injection vulnerability via a specially crafted Python list input
SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...
pg8000 安全漏洞
pg8000 is a PostgreSQL database driver by tlocke individual developers. A security vulnerability exists in pg8000 version 1.31.4, which stems from not properly handling Python list input and could lead to an SQL injection attack...
CVE-2025-61385
SQL injection vulnerability in tlocke pg8000 1.31.4 allows remote attackers to execute arbitrary SQL commands via a specially crafted Python list input to function pg8000.native.literal...
OpenSSL Fixes Multiple New Security Flaws with Latest Update
The OpenSSL Project has released fixes to address several security flaws, including a high-severity bug in the open source encryption toolkit that could potentially expose users to malicious attacks. Tracked as CVE-2023-0286, the issue relates to a case of type confusion that may permit an...
libXi: Sign extension issues resulting in heap-based buffer overflow
A buffer overflow flaw was found in the way the XListInputDevices function of X.Org X11's libXi runtime library handled signed numbers. A malicious X11 server could possibly use this flaw to execute arbitrary code with the privileges of the user running an X11 client...