16 matches found
CVE-2026-62195
creationtimestamp| type| source ---|---|--- 2026-07-13 23:15:37+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mqkt4djxzu2i...
CVE-2026-36602
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...
CVE-2026-36602
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...
CVE-2026-36602
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...
Mercusys AC12G 安全漏洞
The Mercusys AC12G is a Gigabit wireless router produced by the Chinese company Mercusys. The Mercusys AC12G EU V1 AC12G EU V1 version released in September 2009 contained security vulnerabilities. These vulnerabilities were caused by the UPnP GetStatusInfo operation, which disclosed the kernel...
EUVD-2026-34141
Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...
Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: In loopsetstatusfrominfo, the checks for lo-looffset and lo-losizelimit should be performed before reassigning them. This is because if an overflow error occurs, the original correct value will be changed to the wrong value, and ...
CVE-2026-4288
A weakness has been identified in Tiandy Easy7 Integrated Management Platform 7.17.0. The impacted element is an unknown function of the file /rest/devStatus/getDevDetailedInfo of the component Endpoint. Executing a manipulation of the argument ID can lead to sql injection. The attack can be...
GHSA-FFJ4-JQ7M-9G6V
creationtimestamp| type| source ---|---|--- 2026-01-13 21:09:23+00:00| seen| https://infosec.exchange/users/cR0w/statuses/115889836069615909 2026-01-24 21:25:24+00:00| seen| https://gist.github.com/alon710/1704fe210c52be7ed4098a296bff9e33 2026-01-24 22:40:51+00:00| seen|...
Astra Linux – Vulnerability in nbdkit
There is a flaw in the “blocksize” filter of nbdkit that can be triggered by a specific type of client request. When a client requests block status information for a very large data range, exceeding a certain limit, it causes an internal error in nbdkit, resulting in a denial of service...
EUVD-2025-26153
Malicious code in bioql PyPI...
CVE-2025-9593
A flaw has been found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/unitstatusinfo.php. Executing manipulation of the argument usid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used...
Apartment Management System unit_status_info.php File SQL Injection Vulnerability
Apartment Management System is an apartment management system. Apartment Management System suffers from a SQL injection vulnerability that stems from the lack of validation of externally entered SQL statements in the parameter usid in the file /report/unitstatusinfo.php. An attacker can exploit...
CVE-2025-9593 itsourcecode Apartment Management System unit_status_info.php sql injection
A flaw has been found in itsourcecode Apartment Management System 1.0. Impacted is an unknown function of the file /report/unitstatusinfo.php. Executing manipulation of the argument usid can lead to sql injection. The attack can be executed remotely. The exploit has been published and may be used...
CVE-2025-9593
Affected software: itsourcecode Apartment Management System 1.0. The vulnerability is an SQL injection in the /report/unit_status_info.php file caused by unsafely handling the usid parameter. This allows remote exploitation and an exploit has been published. Connected advisories confirm the issue...
epfoservices.in XSS vulnerability
Vulnerable URL: http://www.epfoservices.in/claimstatusinfo-newlogic.php?officename=1"...