1180 matches found

CNVD
added 2024/05/10 12:0 a.m. | 5 views

RuvarOA sys_file_storage_id Parameter SQL Injection Vulnerability

RuvarOA is an office automation system of Ruvar China. A SQL injection vulnerability exists in RuvarOA v6.01 and v12.01, which originates from the lack of validation of the sys_file_storage_id parameter of the /WorkFlow/wffiledownload.aspx file against externally entered SQL statements. An attacker...

9.4 CVSS | 8 AI score | 0.00111 EPSS
Exploits: 1 | References: 1

OSV
added 2024/05/03 3:15 a.m. | 2 views

CVE-2023-41194

D-Link DAP-1325 HNAP SetAPLanSettings SubnetMask Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability...

8.8 CVSS | 6.2 AI score | 0.01756 EPSS
Exploits: 0 | References: 2

ATTACKERKB
added 2024/05/03 3:15 a.m. | 1 view

CVE-2023-41191

D-Link DAP-1325 HNAP SetAPLanSettings Mode Command Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this vulnerability. The...

8.8 CVSS | 6.3 AI score | 0.01756 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

Veracode
added 2024/05/02 6:27 a.m. | 15 views

HTTP Parameter Tampering

github.com/navidrome/navidrome is vulnerable to HTTP Parameter Tampering. The vulnerability is due to improper parameter validation within HTTP requests. An attacker can impersonate other users and perform unauthorized actions such as creating playlists, adding songs, posting comments, and changi...

4.2 CVSS | 6.8 AI score | 0.00347 EPSS
Exploits: 1 | References: 2 | Affected Software: 1

WPVulnDB
added 2024/05/02 12:0 a.m. | 17 views

CAS <= 1.0.0 - Unauthenticated SSRF

Description: The plugin does not validate a parameter before making a request to it, which could allow unauthenticated users to perform SSRF attack. PoC: https://example.com/wp-content/themes/cas/download.php?path=http://127.0.0.1:8080...

6.6 AI score | 0.25047 EPSS
Exploits: 2

CNVD
added 2024/04/30 12:0 a.m. | 7 views

Tenda AX1803 Buffer Overflow Vulnerability

Tenda AX1803 is a dual-band Gigabit WIFI6 router from Tenda China. The Tenda AX1803 version 1.0.0.1 suffers from a buffer overflow vulnerability that originates from the parameter serverName/ddnsUser/ddnsPwd/ddnsDomain failing to correctly validate the length and size of the input data, which can...

9 CVSS | 8.4 AI score | 0.0202 EPSS
Exploits: 0 | References: 1

SUSE CVE
added 2024/04/24 2:48 a.m. | 1 view

SUSE CVE-2024-26922

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly. Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place...

5.5 CVSS | 6.4 AI score | 0.00011 EPSS
Exploits: 0 | References: 21

NVD
added 2024/04/23 1:15 p.m. | 16 views

CVE-2024-26922

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly. Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place...

5.5 CVSS | 7.4 AI score | 0.00011 EPSS
Exploits: 0 | References: 13

OSV
added 2024/04/23 1:15 p.m. | 1 view

DEBIAN-CVE-2024-26922

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly. Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place...

5.5 CVSS | 5.5 AI score | 0.00011 EPSS
Exploits: 0 | References: 1

UbuntuCve
added 2024/04/23 1:15 p.m. | 20 views

CVE-2024-26922

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly. Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place...

5.5 CVSS | 6.4 AI score | 0.00011 EPSS
Exploits: 0 | References: 28

OSV
added 2024/04/23 1:15 p.m. | 0 views

UBUNTU-CVE-2024-26922

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly. Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place...

5.5 CVSS | 6.1 AI score | 0.00011 EPSS
Exploits: 0 | References: 29

Vulnrichment
added 2024/04/23 1:5 p.m. | 28 views

CVE-2024-26922 drm/amdgpu: validate the parameters of bo mapping operations more clearly

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly. Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place...

7 AI score | 0.00011 EPSS
Exploits: 0 | References: 8

OSV
added 2024/04/23 1:5 p.m. | 5 views

CVE-2024-26922 drm/amdgpu: validate the parameters of bo mapping operations more clearly

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate the parameters of bo mapping operations more clearly. Verify the parameters of amdgpu_vm_bo_(map/replace_map/clearing_mappings) in one common place...

5.5 CVSS | 6 AI score | 0.00011 EPSS
Exploits: 0 | References: 16

CNVD
added 2024/04/22 12:0 a.m. | 1 view

Tenda FH1202 formWanParameterSetting Method Buffer Overflow Vulnerability

Tenda FH1202 is a dual-band wireless router from Tenda that supports 2.4GHz and 5GHz bands with a total transmission rate of 1200Mbps. The Tenda FH1202 suffers from a buffer overflow vulnerability that originates from the adslPwd parameter of the formWanParameterSetting method failing to correctl...

4.7 CVSS | 7.5 AI score | 0.00115 EPSS
Exploits: 0 | References: 1

CNNVD
added 2024/04/17 12:0 a.m. | 2 views

Tenda W30E Security Vulnerability

Tenda W30E is an enterprise-grade wireless router designed for SOHO, small and micro business offices and small store networking, supporting Wi-Fi 6 technology. The Tenda W30E suffers from a buffer overflow vulnerability that stems from the page parameter of the fromwebExcptypemanFilter method...

6.3 CVSS | 7.3 AI score | 0.00174 EPSS
Exploits: 1 | References: 2

OSV
added 2024/04/08 10:15 a.m. | 1 view

CVE-2023-52364

Vulnerability of input parameters being not strictly verified in the RSMC module. Impact: Successful exploitation of this vulnerability may cause out-of-bounds write...

6.3 CVSS | 5.8 AI score | 0.00058 EPSS
Exploits: 0 | References: 2

CNVD
added 2024/04/03 12:0 a.m. | 1 view

Tenda FH1205 formWifiBasicSet method security parameter buffer overflow vulnerability

The Tenda FH1205 is a dual-band wireless router for home users that supports the IEEE 802.11ac standard for wireless rates up to 1200Mbps, and operates in both 2.4GHz and 5GHz bands. The Tenda FH1205 suffers from a buffer overflow vulnerability that originates from the security parameter of the...

6.5 CVSS | 7.4 AI score | 0.00084 EPSS
Exploits: 1 | References: 1

Vulnrichment
added 2024/04/02 11:6 a.m. | 6 views

CVE-2024-29947

There is a NULL dereference pointer vulnerability in some Hikvision NVRs. Due to an insufficient validation of a parameter in a message, an attacker may send specially crafted messages to an affected product, causing a process abnormality...

2.7 CVSS | 6.8 AI score | 0.00028 EPSS
Exploits: 0 | References: 1

CNNVD
added 2024/04/02 12:0 a.m. | 2 views

Hikvision DS-7604NI-K1 Security Vulnerability

Hikvision DS-7604NI-K1 is a network video recorder from Hikvision China. A security vulnerability exists in Hikvision DS-7604NI-K1 V4.30.096 build221220 and earlier versions, which stems from insufficient validation of parameters in messages, and can be exploited by an attacker to send a speciall...

2.7 CVSS | 6.6 AI score | 0.00028 EPSS
Exploits: 0 | References: 2

CNNVD
added 2024/03/13 12:0 a.m. | 2 views

Cisco IOS XR Security Vulnerability

Cisco IOS XR is a set of operating systems developed by Cisco for its network devices. A security vulnerability exists in Cisco IOS XR that stems from insufficient validation of parameters contained in SSH client CLI commands, which could allow an authenticated, local attacker to elevate root...

7.8 CVSS | 6.5 AI score | 0.00054 EPSS
Exploits: 0 | References: 2