34021 matches found
CVE-2025-70218
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via POST to the goform/formAdvFirewall component...
CVE-2025-70219
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the goform/formDeviceReboot...
PT-2026-23063
Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A stack buffer overflow condition exists in D-Link DIR-513 version 1.10. The issue is triggered by providing input to the curTime parameter within the ''/goform/formLogin'' and ''/goform/getAuthCode'' AP...
CVE-2025-70226
CVE-2025-70226: A stack buffer overflow in D-Link DIR-513 v1.10 is triggered by the curTime parameter to goform/formEasySetupWizard. The issue affects the device firmware; the cited description, CVSSv3.1 base score 9.8 (CRITICAL) indicates high impact on confidentiality, integrity, and availabili...
CVE-2025-70222
CVE-2025-70222 affects D-Link DIR-513 v1.10. A stack buffer overflow is triggered via the curTime parameter in the /goform/formLogin and /goform/getAuthCode endpoints. The vulnerability is characterized as a network-accessible issue with high impact to confidentiality, integrity, and availability...
CVE-2025-70225
CVE-2025-70225 describes a stack buffer overflow in D-Link DIR-513 v1.10 exploitable via the curtime parameter to the goform/formEasySetupWWConfig component. Affected product/line: D-Link DIR-513 (firmware v1.10). The root cause is a flawed handling of the curtime value in the Easy Setup WWConfig...
CVE-2025-70222
Stack buffer overflow vulnerability in D-Link DIR-513 v1.10 via the curTime parameter to goform/formLogin,goform/getAuthCode...
D-Link DIR-513 安全漏洞
The D-Link DIR-513 is a wireless router product developed by D-Link Corporation. The D-Link DIR-513 v1.10 version has a security vulnerability, which stems from a stack buffer overflow in the curTime parameter of the goform/formAutoDetecWANwizard4 script...
D-Link DIR-513 安全漏洞
The D-Link DIR-513 is a wireless router product from the D-Link company. The D-Link DIR-513 v1.10 version has a security vulnerability, which stems from a stack buffer overflow in the curTime parameter of the goform/formEasySetupWizard module...
PT-2026-23093
Name of the Vulnerable Software and Affected Versions jackson-core versions 3.0.0 through 3.0.x Description jackson-core contains core low-level incremental "streaming" parser and generator abstractions. The UTF8DataInputJsonParser and ReaderBasedJsonParser bypass the maxNestingDepth constraint...
PT-2026-23034
Name of the Vulnerable Software and Affected Versions D-Link DIR-513 version 1.10 Description A stack buffer overflow condition exists in D-Link DIR-513 version 1.10. This issue is triggered by providing a crafted value to the curTime parameter within the ''goform/formAdvNetwork'' API endpoint. T...
CVE-2025-70223
CVE-2025-70223 affects D-Link DIR-513 v1.10. The issue is a stack buffer overflow in the curTime parameter to goform/formAdvNetwork, with CVSS 3.1: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H (base 9.8). The vulnerability is network‑level, requires no privileges and no user interaction, and impacts confi...
AZL-79397 CVE-2026-27601 affecting package krb5 1.21.3-3
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...
AZL-79404 CVE-2026-27601 affecting package python-sqlalchemy 1.4.32-2
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...
AZL-79323 CVE-2026-27601 affecting package cyrus-sasl-bootstrap 2.1.28-4
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...
DEBIAN-CVE-2026-27601
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...
AZL-79401 CVE-2026-27601 affecting package python-sphinx 4.4.0-3
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...
CVE-2026-27601
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...
AZL-79340 CVE-2026-27601 affecting package cyrus-sasl 2.1.28-8
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...
AZL-79427 CVE-2026-27601 affecting package numpy 1.26.3-4
Underscore.js is a utility-belt library for JavaScript. Prior to 1.13.8, the .flatten and .isEqual functions use recursion without a depth limit. Under very specific conditions, detailed below, an attacker could exploit this in a Denial of Service DoS attack by triggering a stack overflow...