54 matches found
CVE-2025-50664
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /usergroup.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr...
EUVD-2025-209351
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /usergroup.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr...
PT-2026-31387
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr...
CVE-2026-5178 Totolink A3300R cstecgi.cgi setIptvCfg command injection
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557b20221024. Affected by this issue is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument vlanPriLan3 leads to command injection. Remote exploitation of the attack is possible. The...
CVE-2025-32449
Unquoted search path for some PRI Driver software before version 03.03.1002 within Ring 3: User Applications may allow an escalation of privilege. Unprivileged software adversary with an authenticated user combined with a high complexity attack may enable escalation of privilege. This result may...
CVE-2025-32449
CVE-2025-32449 affects PRI Driver software before version 03.03.1002, with an unquoted search path in Ring 3: User Applications that can enable privilege escalation. The issue is local and requires an authenticated user with high attack complexity and user interaction; the vulnerability impacts c...
EUVD-2025-31409
Malicious code in bioql PyPI...
CVE-2025-11089 kidaze CourseSelectionSystem COUNT3s4.php sql injection
A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This impacts an unknown function of the file /Profilers/PriProfile/COUNT3s4.php. Executing manipulation of the argument cbranch can lead to sql injection. It is possible to launch the...
CVE-2025-11032 kidaze CourseSelectionSystem COUNT3s6.php sql injection
A flaw has been found in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This issue affects some unknown processing of the file /Profilers/PriProfile/COUNT3s6.php. Executing manipulation of the argument CPU can lead to sql injection. The attack may be performed from...
PT-2025-39671
Name of the Vulnerable Software and Affected Versions kidaze CourseSelectionSystem versions prior to 42cd892b40a18d50bd4ed1905fa89f939173a464 Description A flaw exists in kidaze CourseSelectionSystem that allows for SQL injection. The issue is due to the manipulation of the cbe argument within an...
CVE-2025-10597 kidaze CourseSelectionSystem COUNT2.php sql injection
A vulnerability was determined in kidaze CourseSelectionSystem up to 42cd892b40a18d50bd4ed1905fa89f939173a464. This vulnerability affects unknown code of the file /Profilers/PriProfile/COUNT2.php. This manipulation of the argument cname causes sql injection. The attack may be initiated remotely...
Malicious code in @zalastax/nolb-babel-pri (npm)
The package @zalastax/nolb-babel-pri was found to contain malicious code...
MAL-2025-43145 Malicious code in @zalastax/nolb-babel-pri (npm)
The package @zalastax/nolb-babel-pri was found to contain malicious code...
Malicious code in @zalastax/nolb-pri- (npm)
The package @zalastax/nolb-pri- was found to contain malicious code...
Malicious code in @zalastax/nolb-pri_ (npm)
The package @zalastax/nolb-pri was found to contain malicious code...
Malicious code in @zalastax/nolb-pri (npm)
The package @zalastax/nolb-pri was found to contain malicious code...
MAL-2025-13301 Malicious code in @zalastax/nolb-pri (npm)
The package @zalastax/nolb-pri was found to contain malicious code...
MAL-2025-13305 Malicious code in @zalastax/nolb-pri_ (npm)
The package @zalastax/nolb-pri was found to contain malicious code...
MAL-2025-13302 Malicious code in @zalastax/nolb-pri- (npm)
The package @zalastax/nolb-pri- was found to contain malicious code...
Krüger&Matz com.pri.applock 安全漏洞
Krüger&Matz com.pri.applock is a mobile application component from Krüger&Matz. A security vulnerability exists in Krüger&Matz com.pri.applock, which stems from a content provider query method that allows PIN disclosure...