Alpine iLX-507 Stack Buffer Overflow Vulnerability (CNVD-2025-20811)

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute code in a root context...

Alpine iLX-507 Stack Buffer Overflow Vulnerability (CNVD-2025-20813)

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the root context...

Alpine iLX-507 Input Validation Error Vulnerability

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from an input validation error vulnerability, which stems from improper validation of the TIDAL music streaming application credentials, that can be exploited by an attacker to execute arbitrary code in the ro...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Kenwood DMX958XR 操作系统命令注入漏洞

The Kenwood DMX958XR is an in-car infotainment system from Kenwood. The Kenwood DMX958XR suffers from a command injection vulnerability that can be exploited by an attacker to execute code in a root context...

Alpine iLX-507 信任管理问题漏洞

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from an input validation error vulnerability, which stems from improper validation of the TIDAL music streaming application credentials, that can be exploited by an attacker to execute arbitrary code in the ro...

Alpine iLX-507 安全漏洞

The Alpine iLX-507 is a multimedia receiver from Alpine USA. The Alpine iLX-507 suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the root context...

CVE-2024-23968

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the SrvrToSmSetAutoChnlListMsg function. The issue...

CVE-2024-8646

In Eclipse Glassfish versions prior to 7.0.10, a URL redirection vulnerability to untrusted sites existed. This vulnerability is caused by the vulnerability CVE-2023-41080 in the Apache code included in GlassFish. This vulnerability only affects applications that are explicitly deployed to the ro...

CVE-2022-45129

Payara before 2022-11-04, when deployed to the root context, allows attackers to visit META-INF and WEB-INF, a different vulnerability than CVE-2022-37422. This affects Payara Platform Community before 4.1.2.191.38, 5.x before 5.2022.4, and 6.x before 6.2022.1, and Payara Platform Enterprise befo...

CVE-2021-27253

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of NETGEAR Nighthawk R7800. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the handli...

CVE-2022-23122

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Netatalk. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setfilparams function. The issue results from the lack of proper validation of the length o...

CVE-2020-15618

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CentOS Web Panel cwp-e17.0.9.8.923. Authentication is not required to exploit this vulnerability. The specific flaw exists within ajaxlistaccounts.php. When parsing the username parameter, th...

CVE-2020-15636

This vulnerability allows remote attackers to execute arbitrary code on affected installations of NETGEAR R6400, R6700, R7000, R7850, R7900, R8000, RS400, and XR300 routers with firmware 1.0.4.8410.0.58. Authentication is not required to exploit this vulnerability. The specific flaw exists within...

CVE-2024-23920

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of ChargePoint Home Flex charging stations. Authentication is not required to exploit this vulnerability. The specific flaw exists within the onboardee module. The issue results from improper...

CVE-2024-23963

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Alpine Halo9 devices. An attacker must first obtain the ability to pair a malicious Bluetooth device with the target system in order to exploit this vulnerability. The specific flaw exists...