EUVD-2026-18426

A heap-based buffer overflow vulnerability was identified in TP-Link Tapo C520WS v2.6 in the HTTP POST body parsing logic due to missing validation of remaining buffer capacity after dynamic allocation, due to insufficient boundary validation when handling externally supplied HTTP input. An...

kernel: wifi: cfg80211: fix use-after-free in cmp_bss()

A use after free vulnerbility exists in the linux kernel wifi module in the cmpbss function,an attacker could create a crafted payload to trigger, leading to damage availability and integrity of the system...

CVE-2024-46624

An issue in InfoDom Performa 365 v4.0.1 allows authenticated attackers to elevate their privileges to Administrator via a crafted payload sent to /api/users...

CVE-2024-0226 Stored Cross-Site Scripting in Synopsys Seeker

Synopsys Seeker versions prior to 2023.12.0 are vulnerable to a stored cross-site scripting vulnerability through a specially crafted payload...

CVE-2023-27017

Tenda AC10 USAC10V4.0siV16.03.10.13cn was discovered to contain a stack overflow via the sub45DC58 function. This vulnerability allows attackers to cause a Denial of Service DoS or execute arbitrary code via a crafted payload...

CVE-2022-45436

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Artica PFMS Pandora FMS v765 on all platforms, allows Cross-Site Scripting XSS. As a manager privilege user , create a network map containing name as xss payload. Once created, admin user must clic...

CVE-2013-0331

Jenkins before 1.502 and LTS before 1.480.3 allows remote authenticated users with write access to cause a denial of service via a crafted payload...