429 matches found

RedhatCVE
added 2026/01/09 10:50 a.m., 2 views

CVE-2022-37067

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateWanParamsMulti...

CVSS 9.8 | AI score 7.6 | EPSS 0.00975
Exploits: 1 | References: 1

Tenable Nessus
added 2026/01/09 12:0 a.m., 4 views

openSUSE 15 Security Update : php8 (SUSE-SU-2026:0071-1)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0071-1 advisory. Security fixes: - CVE-2025-14177: getimagesize function may leak uninitialized heap memory into the APPn segments when reading images in multi-chunk...

CVSS 8.2 | AI score 5.9 | EPSS 0.00573
Exploits: 4 | References: 10

Vulnrichment
added 2026/01/06 3:21 a.m., 1 views

CVE-2025-13409 Form Vibes – Database Manager for Forms <= 1.4.13 - Authenticated (Admin+) SQL Injection

The Form Vibes – Database Manager for Forms plugin for WordPress is vulnerable to SQL Injection via the 'params' parameter in all versions up to, and including, 1.4.13 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...

CVSS 4.9 | AI score 6.2 | EPSS 0.00266
Exploits: 0 | References: 4

Positive Technologies
added 2026/01/01 12:0 a.m., 1 views

PT-2026-28656

Name of the Vulnerable Software and Affected Versions: path-to-regexp versions prior to 0.1.13. Description: A flawed regular expression is generated when three or more parameters are present within a single segment, separated by characters other than a period (.). For example, /:a-:b-:c or...

CVSS 7.5 | AI score 5.9 | EPSS 0.00496
Exploits: 2 | References: 34

NVD
added 2025/12/16 12:16 a.m., 9 views

CVE-2025-58173

FreshRSS is a self-hosted RSS feed aggregator. In versions 1.23.0 through 1.27.0, using a path traversal inside the language user configuration parameter, it's possible to call install.php and perform various administrative actions as an unprivileged user. These actions include logging in as the...

CVSS 8.8 | EPSS 0.0059
Exploits: 1 | References: 7

Cvelist
added 2025/12/15 11:7 p.m., 26 views

CVE-2025-58173 FreshRSS vulnerable to authenticated RCE via path traversal inside include()

FreshRSS is a self-hosted RSS feed aggregator. In versions 1.23.0 through 1.27.0, using a path traversal inside the language user configuration parameter, it's possible to call install.php and perform various administrative actions as an unprivileged user. These actions include logging in as the...

CVSS 8.7 | EPSS 0.0059
Exploits: 1 | References: 7

OSV
added 2025/12/15 7:15 a.m., 0 views

CVE-2025-14709

A security vulnerability has been detected in Shiguangwu sgwbox N3 2.0.25. Affected by this issue is some unknown functionality of the file /usr/sbin/http_eshell_server of the component WIRELESSCFGGET Interface. The manipulation of the argument params leads to buffer overflow. Remote exploitation o...

CVSS 9.8 | AI score 6 | EPSS 0.05155
Exploits: 1 | References: 4

Vulnrichment
added 2025/12/15 6:32 a.m., 2 views

CVE-2025-14708 Shiguangwu sgwbox N3 WIREDCFGGET http_eshell_server buffer overflow

A weakness has been identified in Shiguangwu sgwbox N3 2.0.25. Affected by this vulnerability is an unknown functionality of the file /usr/sbin/http_eshell_server of the component WIREDCFGGET Interface. Executing manipulation of the argument params can lead to buffer overflow. The attack may be...

CVSS 10 | AI score 6.5 | EPSS 0.057
Exploits: 1 | References: 4

CNNVD
added 2025/12/15 12:0 a.m., 4 views

SGWBox N3 Command Injection Vulnerability

SGWBox N3 is a network storage device from China's Pickup Dock SGWBox. A command injection vulnerability exists in SGWBox N3 version 2.0.25, which stems from incorrect manipulation of the parameter params in the file /usr/sbin/http_eshell_server, which could lead to command injection...

CVSS 10 | AI score 9.6 | EPSS 0.16492
Exploits: 1 | References: 4

CNNVD
added 2025/12/15 12:0 a.m., 4 views

SGWBox N3 Command Injection Vulnerability

SGWBox N3 is a network storage device from China's Pickup Dock SGWBox. A command injection vulnerability exists in SGWBox N3 version 2.0.25, which stems from incorrect manipulation of the parameter params in the file /usr/sbin/http_eshell_server, which could lead to command injection...

CVSS 10 | AI score 9.6 | EPSS 0.16492
Exploits: 1 | References: 4

CNNVD
added 2025/12/15 12:0 a.m., 2 views

SGWBox N3 Security Vulnerability

SGWBox N3 is a network storage device from China's Pickup Dock SGWBox. A security vulnerability exists in SGWBox N3 version 2.0.25, which stems from incorrect manipulation of the parameter params in the file /usr/sbin/http_eshell_server, which could result in a buffer overflow...

CVSS 10 | AI score 9.7 | EPSS 0.05155
Exploits: 1 | References: 4

NVD
added 2025/12/08 5:16 p.m., 5 views

CVE-2025-48618

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 6.8 | EPSS 0.00113
Exploits: 0 | References: 2

Cvelist
added 2025/12/08 4:57 p.m., 19 views

CVE-2025-48618

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

EPSS 0.00113
Exploits: 0 | References: 2

CVE
added 2025/12/08 1:19 a.m., 16 views

CVE-2023-53745

CVE-2023-53745 affects the Linux kernel: a memory-leak in the vector_config path where uml_parse_vector_ifspec returning NULL requires freeing allocated params via kfree to prevent leak. The connected documents consistently describe the same fix in Linux kernel code paths (vector_config) and refe...

AI score 6.1 | EPSS 0.00173
Exploits: 0 | References: 7

OSV
added 2025/12/04 4:16 p.m., 2 views

AZL-71404 CVE-2025-40264 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: be2net: pass wrbparams in case of OS2BMC beinsertvlaninpkt is called with the wrbparams argument being NULL at besendpkttobmc call site. This may lead to dereferencing a NULL pointer when processing a workaround for specific...

AI score 5.8 | EPSS 0.00182
Exploits: 0 | References: 1

OSV
added 2025/12/01 12:0 a.m., 6 views

ASB-A-404254549

In processLaunchBrowser of CommandParamsFactory.java, there is a possible browser interaction from the lockscreen due to improper locking. This could lead to physical escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVSS 6.8 | AI score 6.8 | EPSS 0.00113
Exploits: 0 | References: 2

RedHat Linux
added 2025/11/06 2:27 a.m., 5 views

rubygem-rack: Rack QueryParser has an unsafe default allowing params_limit bypass via semicolon-separated parameters

An unsafe default behavior in Rack::QueryParser allows bypass of the params_limit parameter count restriction when query string parameters are delimited by semicolons (;) rather than ampersands (&). The parser counts only & when enforcing the limit, while still splitting on both & and ;. As a result, ...

CVSS 7.5 | AI score 6.9 | EPSS 0.00523
Exploits: 0 | References: 6

Tenable Nessus
added 2025/11/05 12:0 a.m., 3 views

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-989859)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989859 advisory. In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy field-spanning write warning in mwifiexconfigscan Replace one-element...

CVSS 5.5 | AI score 5.9 | EPSS 0.00288
Exploits: 0 | References: 4

NVD
added 2025/10/17 6:15 p.m., 10 views

CVE-2025-62419

DataEase is a data visualization and analytics platform. In DataEase versions through 2.10.13, a JDBC URL injection vulnerability exists in the DB2 and MongoDB data source configuration handlers. In the DB2 data source handler, when the extraParams field is empty, the HOSTNAME, PORT, and DATABASE...

CVSS 8.2 | EPSS 0.00393
Exploits: 0 | References: 2

Tenable Nessus
added 2025/10/07 12:0 a.m., 2 views

Unity Linux 20.1070e Security Update: bluez (UTSA-2025-680605)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-680605 advisory. BlueZ before 5.59 allows physically proximate attackers to obtain sensitive information because profiles/audio/avrcp.c does not validate paramslen. Tenable has...

CVSS 8.8 | AI score 6.5 | EPSS 0.00657
Exploits: 0 | References: 4