The vulnerability of the wirelessBasic() function in the mod_form.so script of Linksys routers such as RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the wirelessBasic function in the modform.so microprogramming system for Linksys routers such as RE6250, RE6300, RE6350, RE6500, RE7000, and RE9000 lies in the fact that the operation’s output escapes the buffer in memory when processing the submitSSID1 parameter. Exploiting...

Linux Distros Unpatched Vulnerability : CVE-2025-38409

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the...

Linux Distros Unpatched Vulnerability : CVE-2023-3355

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A NULL pointer dereference flaw was found in the Linux kernel's drivers/gpu/drm/msm/msmgemsubmit.c code in the submitlookupcmds function, which fails because it...

CVE-2025-8820 Linksys RE6250/RE6300/RE6350/RE6500/RE7000/RE9000 wirelessBasic stack-based overflow

A vulnerability was determined in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 up to 20250801. This vulnerability affects the function wirelessBasic of the file /goform/wirelessBasic. The manipulation of the argument submitSSID1 leads to stack-based buffer overflow. The attack can be...

WordPress BaiduXZH Submit(百度熊掌号) plugin <= 1.4.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Nguyen Xuan Chien Patchstack Alliance in WordPress Plugin BaiduXZH Submit百度熊掌号 versions = 1.4.6...

org.apache.zeppelin:zeppelin-flink-cmd (>=0.10.0 <=0.11.2), org.apache.zeppelin:zeppelin-spark-submit (>=0.10.0 <=0.11.2) +1 more potentially affected by CVE-2024-51775 via org.apache.zeppelin:zeppelin-shell (>=0.10.0 <=0.11.2)

org.apache.zeppelin:zeppelin-shell MAVEN version =0.10.0, =0.10.0, =0.10.0, =0.10.0, =0.11.2 Source cves: CVE-2024-51775 Source advisory: SNYK:JAVA-ORGAPACHEZEPPELIN-11444035...

SUSE CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

SUSE CVE-2025-38410

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

The vulnerability of the built-in web server boa (/boafrm/formWlanMultipleAP) of TOTOLINK A702R router software allows a intruder to cause a service failure.

The vulnerability of the built-in web server boa /boafrm/formWlanMultipleAP of TOTOLINK A702R router software is related to the issue of the operation exceeding the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor to cause service...

TOTOLINK A702R Buffer Overflow Vulnerability

The TOTOLINK A702R is a wireless router model from China's Gion Electronics, with key features including dual-band 2.4GHz/5.8GHz network connectivity, up to 1200Mbps transfer rate, four 5dBi antennas, and a built-in firewall. A buffer overflow vulnerability exists in the TOTOLINK A702R, which...

The vulnerability of the built-in BOA server (/boafrm/formMultiAPVLAN) of the TOTOLINK X15 router’s microprogramming software allows a hacker to cause a service failure.

The vulnerability of the built-in server boa /boafrm/formMultiAPVLAN of the TOTOLINK X15 microprogrammed router software is related to the issue where the operation’s output goes beyond the buffer in memory when processing the submit-url parameter. Exploiting this vulnerability allows a remote...

The vulnerability of the built-in boa server (/boafrm/formRoute) of the TOTOLINK X15 router microprogramming software allows a hacker to cause a service failure.

The vulnerability of the built-in boa server /boafrm/formRoute of the TOTOLINK X15 router software lies in the fact that the operation exceeds the buffer boundaries in memory when processing the submit-url parameter. Exploiting this vulnerability allows a malicious actor to cause service failures...

CVE-2025-8246

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formRoute of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. The...

CVE-2025-8245

A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formMultiAPVLAN of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer...

DEBIAN-CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

AZL-73034 CVE-2025-38410 affecting package kernel for versions less than 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

CVE-2025-38410

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

DEBIAN-CVE-2025-38410

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

AZL-65810 CVE-2025-38410 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without calling drmschedentitypushjob, so msmjobfree will never get called. Since drmschedjobcleanup will NULL out the sfence, we can use th...

AZL-65723 CVE-2025-38409 affecting package kernel for versions less than 6.6.104.2-1

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...