9476 matches found

EUVD
added 2025/11/17 3:30 a.m., 3 views

EUVD-2025-197753

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used...

CVSS: 9 | AI score: 8.9 | EPSS: 0.00407
Exploits: 1 | References: 7

NVD
added 2025/11/17 3:15 a.m., 5 views

CVE-2025-13258

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used...

CVSS: 9 | EPSS: 0.00407
Exploits: 1 | References: 6

Cvelist
added 2025/11/17 2:2 a.m., 8 views

CVE-2025-13258 Tenda AC20 WifiExtraSet buffer overflow

A vulnerability was detected in Tenda AC20 up to 16.03.08.12. The impacted element is an unknown function of the file /goform/WifiExtraSet. The manipulation of the argument wpapskcrypto results in buffer overflow. The attack can be launched remotely. The exploit is now public and may be used...

CVSS: 9 | EPSS: 0.00407
Exploits: 1 | References: 6

CNNVD
added 2025/11/17 12:0 a.m., 2 views

Tenda AC20 security vulnerability

Tenda AC20 is a wireless router from Tenda China. A security vulnerability exists in Tenda AC20 version 16.03.08.12 and earlier, which stems from an incorrect operation of the parameter wpapskcrypto in the file /goform/WifiExtraSet, which may result in a buffer overflow...

CVSS: 9 | AI score: 9.1 | EPSS: 0.00407
Exploits: 1 | References: 6

Packet Storm News
added 2025/11/17 12:0 a.m., 3 views

MalRAG: A Retrieval-Augmented LLM Framework for Open-Set Malicious Traffic Identification

Fine-grained identification of IDS-flagged suspicious traffic is crucial in cybersecurity. In practice, cyber threats evolve continuously, making the discovery of novel malicious traffic a critical necessity as well as the identification of known classes. Recent studies have advanced this goal wi...

AI score: 6.9
Exploits: 0

Positive Technologies
added 2025/11/17 12:0 a.m., 4 views

PT-2025-47105

Name of the Vulnerable Software and Affected Versions: Tenda AC20 versions up to 16.03.08.12. Description: A buffer overflow exists in the Tenda AC20 router. The issue is located in an unknown function within the /goform/WifiExtraSet file. Manipulation of the wpapsk crypto argument can trigger the...

CVSS: 9 | AI score: 9.1 | EPSS: 0.00407
Exploits: 1 | References: 17

OSV
added 2025/11/15 7:11 a.m., 6 views

MGASA-2025-0292 Updated python-django packages fix security vulnerability

Potential SQL injection via connector keyword argument in QuerySet and Q objects. CVE-2025-64459...

CVSS: 9.1 | AI score: 8.1 | EPSS: 0.00282
Exploits: 10 | References: 3

Mageia
added 2025/11/15 7:11 a.m., 7 views

Updated python-django packages fix security vulnerability

Potential SQL injection via connector keyword argument in QuerySet and Q objects. CVE-2025-64459...

CVSS: 9.1 | AI score: 8.2 | EPSS: 0.00282
Exploits: 10 | References: 2

OSV
added 2025/11/14 4:39 p.m., 4 views

CLSA-2025-1763138343 tigervnc: Fix of CVE-2025-62231

CVE-2025-62231: fix improper bounds checking in XkbSetCompatMap function to prevent unsigned short overflow and potential memory corruption or crash...

CVSS: 7.3 | AI score: 5.9 | EPSS: 0.00014
Exploits: 0 | References: 1

RedhatCVE
added 2025/11/14 12:1 a.m., 5 views

CVE-2025-60676

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...

CVSS: 6.5 | AI score: 8.4 | EPSS: 0.00605
Exploits: 1 | References: 1

OSV
added 2025/11/13 7:15 p.m., 2 views

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

CVSS: 6.5 | AI score: 6.1 | EPSS: 0.00446
Exploits: 1 | References: 4

OSV
added 2025/11/13 7:15 p.m., 1 views

CVE-2025-60676

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetNetworkSettings' functionality of prog.cgi, where the 'IPAddress' and 'SubnetMask' parameters are directly concatenated into shell commands executed...

CVSS: 6.5 | AI score: 6.1 | EPSS: 0.00605
Exploits: 1 | References: 4

EUVD
added 2025/11/13 6:31 p.m., 4 views

EUVD-2025-175340

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub_432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvram_safe_set("SysLogRemoteIPAddress", ...). These values are...

CVSS: 7.3 | AI score: 7.9 | EPSS: 0.01277
Exploits: 1 | References: 5

NVD
added 2025/11/13 6:15 p.m., 3 views

CVE-2025-60698

A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1FW102B02 within the prog.cgi and rc binaries. The sub_432F60 function in prog.cgi stores user-supplied SetSysLogSettings/IPAddress values in NVRAM via nvram_safe_set("SysLogRemoteIPAddress", ...). These values are...

CVSS: 7.3 | EPSS: 0.01277
Exploits: 1 | References: 4

RedhatCVE
added 2025/11/13 5:38 p.m., 3 views

CVE-2025-40139

In the Linux kernel, the following vulnerability has been resolved: smc: Use __sk_dst_get() and dst_dev_rcu() in smc_clc_prfx_set(). smc_clc_prfx_set() is called during connect and not under RCU nor RTNL. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu() under rcu_read_lock() after...

CVSS: 4.7 | AI score: 5.6 | EPSS: 0.00028
Exploits: 0 | References: 4

RedhatCVE
added 2025/11/13 5:3 p.m., 3 views

CVE-2025-40149

In the Linux kernel, the following vulnerability has been resolved: tls: Use __sk_dst_get() and dst_dev_rcu() in get_netdev_for_sock(). get_netdev_for_sock() is called during setsockopt, so not under RCU. Using sk_dst_get(sk)->dev could trigger UAF. Let's use __sk_dst_get() and dst_dev_rcu(). Note that the only ->ndo_sk_get_lower_dev()...

CVSS: 5 | AI score: 5.2 | EPSS: 0.00019
Exploits: 0 | References: 4

NVD
added 2025/11/13 4:15 p.m., 4 views

CVE-2025-60688

A stack buffer overflow vulnerability exists in the ToToLink LR1200GB V9.1.0u.6619B20230130 and NR1800X V9.1.0u.6681B20230703 Router firmware within the cstecgi.cgi binary setDefResponse function. The binary reads the "IpAddress" parameter from a web request and copies it into a fixed-size stack...

CVSS: 6.5 | EPSS: 0.00322
Exploits: 1 | References: 3

Veracode
added 2025/11/13 7:37 a.m., 6 views

Prototype Pollution

spmrc is vulnerable to Prototype Pollution. The vulnerability is due to improper input validation in the set and config functions, which allows an attacker to supply a crafted payload to inject properties on Object.prototype, leading to denial of service (DoS) or other unexpected behaviors...

CVSS: 7.5 | AI score: 6.8 | EPSS: 0.00154
Exploits: 0 | References: 3 | Affected Software: 1

Veracode
added 2025/11/13 7:21 a.m., 4 views

Prototype Pollution

json-schema-editor-visual is vulnerable to Prototype Pollution. The vulnerability is due to insufficient validation of user-supplied input in the setData and deleteData functions, which allows an attacker to supply a crafted payload to inject or delete properties on Object.prototype, potentially...

CVSS: 6.5 | AI score: 6.8 | EPSS: 0.00142
Exploits: 0 | References: 3 | Affected Software: 1

EUVD
added 2025/11/13 12:30 a.m., 3 views

EUVD-2025-150392

In the Linux kernel, the following vulnerability has been resolved: crypto: skcipher - Fix reqsize handling. Commit afddce13ce81d ("crypto: api - Add reqsize to crypto_alg") introduced cra_reqsize field in crypto_alg struct to replace type specific reqsize fields. It looks like this was introduced...

AI score: 6 | EPSS: 0.00028
Exploits: 0 | References: 3