51 matches found
Tenda AC23 Security Vulnerability
Tenda AC23 is a dual-band gigabit wireless router from Tenda China. A security vulnerability exists in Tenda AC23 version 16.03.07.52, which stems from an incorrect manipulation of the parameter list and could result in a buffer overflow...
EUVD-2021-31336
Malicious code in bioql PyPI...
EUVD-2024-53580
Malicious code in bioql PyPI...
EUVD-2023-38624
Malicious code in bioql PyPI...
EUVD-2023-46053
Malicious code in bioql PyPI...
EUVD-2023-38622
Malicious code in bioql PyPI...
CVE-2025-59772
Cross-site scripting (XSS) vulnerability reflected in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to execute JavaScript code in the victim's browser by sending them a malicious URL. The relationship between parameter and assigned identifier is 'l, demo, demo2, TNTLOGIN, UO and...
PT-2025-40383
Name of the Vulnerable Software and Affected Versions: AndSoft e-TMS version 25.03 Description: A cross-site scripting (XSS) issue exists that allows an attacker to execute JavaScript code in a victim's browser. This is achieved by sending a malicious URL. The vulnerability is reflected in the...
CVE-2025-50974
The Calamaris log exporter CGI /cgi-bin/logs.cgi/calamaris.dat in IPFire 2.29 does not properly sanitize user-supplied input before incorporating parameter values into a shell command. An unauthenticated remote attacker can inject arbitrary OS commands by embedding shell metacharacters in any of...
Linux Distros Unpatched Vulnerability : CVE-2023-39946
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - eprosima Fast DDS is a C++ implementation of the Data Distribution Service standard of the Object Management Group. Prior to versions 2.11.1, 2.10.2, 2.9.2, and...
PT-2025-32465 · Unknown · Litmuschaos
Name of the Vulnerable Software and Affected Versions: LitmusChaos versions prior to 3.19.0 Description: A critical issue exists in LitmusChaos related to improper authorization. The vulnerability stems from the manipulation of the role argument during the processing of the /auth/list projects AP...
CVE-2023-41556
Tenda AC7 V1.0 V15.03.06.44, Tenda AC9 V3.0 V15.03.06.42multi, and Tenda AC5 V1.0RTLV15.03.06.28 were discovered to contain a stack overflow via parameter list at url /goform/SetIpMacBind...
CVE-2025-29100
Tenda AC8 V16.03.34.06 is vulnerable to Buffer Overflow in the fromSetRouteStatic function via the parameter list...
PT-2025-6076 · Unknown · Cool-Admin-Java
Name of the Vulnerable Software and Affected Versions: cool-admin-java version v1.0 Description: A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the...
CVE-2024-57409
CVE-2024-57409 affects the Cool-Admin-Java project (v1.0) with a vulnerability in the Parameter List module. The issue is a stored XSS that allows an attacker to execute arbitrary web scripts or HTML by injecting a crafted payload into the internet pictures field. Reported details indicate impa...
CVE-2024-57409
A stored cross-site scripting (XSS) vulnerability in the Parameter List module of cool-admin-java v1.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the internet pictures field...
libsoup: buffer overflow via UTF-8 conversion in soup_header_parse_param_list_strict
A flaw was found in the libsoup library. Decoding specially crafted UTF-8 input data with the soup_header_parse_param_list_strict function can cause a heap-based buffer overflow, potentially resulting in code execution and denial of service to applications linked to the library...
PT-2024-22969 · Sportsnet · Sportsnet
Name of the Vulnerable Software and Affected Versions: SportsNET version 4.0.1 Description: The issue concerns SQL injection vulnerabilities that could allow an attacker to retrieve, update, and delete all information in the database by sending a specially crafted SQL query to the endpoint:...
Vim Security Vulnerability
Vim is an open source, cross-platform text editor. Vim suffers from a Memory Reference Error vulnerability that stems from a confusion in the instruction responsible for freeing memory in parameter list handling. An attacker can exploit the vulnerability which may result in a program crash,...