Design/Logic Flaw

Transient DOS due to reachable assertion in modem while processing sib with incorrect values from network...

Sql injection

SQL Injection in HandlerPageKID.ashx in Delta Electronics DIAEnergie versions prior to v1.9.02.001 allows an attacker to inject SQL queries via Network...

CVE-2022-43452

Delta Electronics DIAEnerg ie vulnerable to SQL injection in FtyInfoSetting.aspx for DIAEnergie before v1.9.02.001. The issue arises from improper handling of input in the web app, enabling an attacker with network access and low privileges to inject arbitrary SQL queries, potentially compromisin...

Command injection

A Remote Command Execution RCE vulnerability exists in all series H/W revisions D-link DIR-810L, DIR-820L/LW, DIR-826L, DIR-830L, and DIR-836L routers via the DDNS function in ncc2 binary file. Note: DIR-810L, DIR-820L, DIR-830L, DIR-826L, DIR-836L, all hardware revisions, have reached their End ...

Code injection

Cisco IOS XE before 2.2.3 on ASR 1000 devices allows remote attackers to cause a denial of service Embedded Services Processor crash via a crafted 1 IPv4 or 2 IPv6 packet, aka Bug ID CSCsw69990...

Stack overflow

Stack-based buffer overflow in Rosoft Media Player 4.1.7, 4.1.8, and possibly earlier versions allows remote attackers to execute arbitrary code or cause a denial of service application crash via a long string in a .M3U file. NOTE: some of these details are obtained from third party information...