Lucene search
K

6 matches found

NVD
NVD
added 2026/02/18 10:16 p.m.6 views

CVE-2019-25349

ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-character buffer during login to trigger an application crash on iOS devices...

7.5CVSS0.00239EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/02/18 9:54 p.m.4 views

CVE-2019-25349 scadaApp for iOS 1.1.4.0 - 'Servername' Denial of Service

ScadaApp for iOS 1.1.4.0 contains a denial of service vulnerability that allows attackers to crash the application by inputting an oversized buffer in the Servername field. Attackers can paste a 257-character buffer during login to trigger an application crash on iOS devices...

7.5CVSS5.8AI score0.00239EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/12/18 12:35 a.m.14 views

CVE-2025-67074

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serverName to /goform/AdvSetMacMtuWan...

6.5CVSS8AI score0.00334EPSS
Exploits1References1
OSV
OSV
added 2025/12/17 8:15 p.m.4 views

CVE-2025-67074

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serverName to /goform/AdvSetMacMtuWan...

6.5CVSS6.3AI score0.00334EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/12/17 12:0 a.m.4 views

CVE-2025-67074

A Buffer overflow vulnerability in function fromAdvSetMacMtuWan of bin httpd in Tenda AC10V4.0 V16.03.10.20 allows remote attackers to cause denial of service and possibly code execution by sending a post request with a crafted payload field serverName to /goform/AdvSetMacMtuWan...

7.6AI score0.00334EPSS
Exploits1References1
OSV
OSV
added 2022/07/29 8:0 p.m.33 views

GO-2022-0370 Man-in-the-middle attack due to improper validation of certificate in mellium.im/xmpp

Websocket client connections are vulnerable to man-in-the-middle attacks via DNS spoofing. When looking up a WSS endpoint using a DNS TXT record, the server TLS certificate is incorrectly validated using the name of the server returned by the TXT record request, not the name of the the server bei...

5.9CVSS5.2AI score0.00629EPSS
Exploits0References4
Rows per page
Query Builder