CVE-2025-8978
A vulnerability was determined in D-Link DIR-619L 6.02CN02. Affected is the function FirmwareUpgrade of the component boa. The manipulation leads to insufficient verification of data authenticity. It is possible to launch the attack remotely. The complexity of an attack is rather high. The...
CVE-2025-6371 D-Link DIR-619L formSetEnableWizard stack-based overflow
A vulnerability, which was classified as critical, has been found in D-Link DIR-619L 2.06B01. Affected by this issue is the function formSetEnableWizard of the file /goform/formSetEnableWizard. The manipulation of the argument curTime leads to stack-based buffer overflow. The attack may be launch...
CVE-2024-39162
pyspider through 0.3.10 allows /update XSS. NOTE: This vulnerability only affects products that are no longer supported by the maintainer...
CVE-2023-49210
The openssl aka node-openssl NPM package through 2.0.0 was characterized as "a nonsense wrapper with no real purpose" by its author, and accepts an opts argument that contains a verb field used for command execution. NOTE: This vulnerability only affects products that are no longer supported by t...
PayloadsAllTheThings
It is an offensive tool for general-purpose payloads. The repository contains a collection of payloads, but no specific exploit or vulnerability is identified. However, the presence of a funding.yml file suggests that the repository may be used to support the work of the maintainer, swisskyrepo...
Integer overflow
An issue was discovered in ReadyTalk Avian 1.2.0. The vm::arrayCopy method defined in classpath-common.h contains multiple boundary checks that are performed to prevent out-of-bounds memory read/write. However, two of these boundary checks contain an integer overflow that leads to a bypass of the...