6334 matches found
CVE-2025-59482
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected...
CVE-2025-62673
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tdpserver modules allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0:...
CVE-2025-62405
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected...
CVE-2025-59487
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. The vulnerability arises from improper validation of a packet field whose offset is used to determine...
Malicious Package
Overview banquet-runtime-modules is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this packa...
CVE-2026-22223
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows adjacent authenticated attacker execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration integrity...
CVE-2026-0631
An OS Command Injection vulnerability in TP-Link Archer BE230 v1.2vpn modules allows an adjacent authenticated attacker to execute arbitrary code. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe compromise of configuration...
CVE-2025-62673
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tdpserver modules allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0:...
CVE-2025-62673
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tdpserver modules allows adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a maliciously formed field.This issue affects Archer AX53 v1.0:...
CVE-2025-59487
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code. The vulnerability arises from improper validation of a packet field whose offset is used to determine...
CVE-2025-62404
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet whose length exceeds the maximum expected value.This issue...
CVE-2025-59482
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing a field whose length exceeds the maximum expected...
CVE-2025-58077
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted set of network packets containing an excessive number of host entries This iss...
CVE-2025-62673
The CVE-2025-62673 issue affects TP-Link Archer AX53 v1.0 through 1.3.1 Build 20241120, with a heap-based buffer overflow in the tdpserver modules that can be triggered by a crafted network packet from a nearby attacker, potentially causing a segmentation fault or arbitrary code execution. The Re...
EUVD-2025-206674
SSH Hostkey misconfiguration vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows attackers to obtain device credentials through a specially crafted man‑in‑the‑middle MITM attack. This could enable unauthorized access if captured credentials are reused.This issue affects Archer AX53...
CVE-2025-61983
TP-Link Archer AX53 (v1.0 through 1.3.1 Build 20241120) has a heap-based buffer overflow in the tmpserver modules. An authenticated adjacent attacker can trigger a segmentation fault or potentially execute arbitrary code by sending a crafted network packet containing an excessive number of fields...
CVE-2025-61944
Heap-based Buffer Overflow vulnerability in TP-Link Archer AX53 v1.0 tmpserver modules allows authenticated adjacent attackers to cause a segmentation fault or potentially execute arbitrary code via a specially crafted network packet containing an excessive number of fields with zero‑length...
CVE-2025-59487
TP-Link Archer AX53, v1.0–1.3.1 Build 20241120, contains a heap-based buffer overflow in the tmpserver modules. The root cause is improper validation of a packet field offset used to select the memory write location, allowing authenticated adjacent attackers to trigger segmentation faults or pote...
Compressing Vulnerable to Arbitrary File Write via Symlink Extraction
Arbitrary File Write via Symlink Extraction in github.com/node-modules/compressing Brief Introduction The compressing npm package extracts TAR archives while restoring symbolic links without validating their targets. By embedding symlinks that resolve outside the intended extraction directory, an...
Malicious code in transform-es2015-modules-amd (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 8f874dbbcc1f45c4afb0b3b6eba5bab0a03a8f0f2749b4ad737ce8562bbd1f3b The package transform-es2015-modules-amd was found to contain malicious code. Source: ghsa-malware...