20 matches found
Malicious code in 0x2ai-zoe (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 724bd98c39a8e4ff21b039fddeadfda7f0ef7e3c6be47e771d72efed77d02b1b On npm install, scripts/postinstall.cjs copies the entire payload/ tree into process.env.INITCWD the directory the developer ran npm from, depositing...
EUVD-2025-198252
A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...
Tenda AX-1803 SetSysTimeCfg function stack buffer overflow vulnerability
Tenda AX-1803 is a dual-band Gigabit WiFi6 wireless router from Tenda that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1774Mbps for home or small office scenarios. The Tenda AX-1803 suffers from a stack buffer overflow vulnerability that originates from the time...
EUVD-1999-1209
Malware in sbrugna...
EUVD-2020-29851
Malware in sbrugna...
EUVD-2025-19511
Malicious code in bioql PyPI...
EUVD-2023-46055
Malicious code in bioql PyPI...
📄 Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated Remote Code Execution
This Metasploit module exploits an unauthenticated remote command injection vulnerability in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02. The vulnerability lies in the time parameter of the time configuration endpoint, which is passed unsanitized to a shell command executed via th...
Tenda AC20 安全漏洞
Tenda AC20 is a dual-band wireless router with IPv6 protocol support, featuring a triple-core 1GHz main controller with six 6dBi external antennas and a maximum wireless transmission rate of 2033Mbps. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from improper handli...
CVE-2025-51085
Tenda AC8V4 V16.03.34.06 was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument timeZone and timeType leads to stack-based buffer overflow...
CVE-2025-6887
A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The...
CVE-2025-5798
A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeType leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...
Change in Android Enterprise configuration for XenMobile On-premises environment.
Awareness for XenMobile On-premises server admins about the Android Enterprise configuration first time setup...
CVE-2023-40359
xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters i.e., neither alphanumeric nor underscore, aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain experimental feature...
Buffer overflow
xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters i.e., neither alphanumeric nor underscore, aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain experimental feature...
CVE-2022-43029
Tenda TX3 USTX3V1.0brV16.03.13.11multiTDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg...
CVE-2022-43029
Tenda TX3 USTX3V1.0brV16.03.13.11multiTDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg...
CVE-2022-25459
Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function...
Exploit for Cross-site Scripting in Beetel 777Vr1_Firmware
CVE-2020-25498: Stored XSS via CSRF in Beetel 777VR1 Router...
Symantec Web Gateway 5.0.2.8 Remote Code Execution Exploit
Exploit for windows platform in category web applications Title: Postauth RCE in Symantec Web Gateway 5.0.2.8 Vendor: www.symantec.com Vulnerable software: www.symantec.com Repo: https://github.com/c610/free/ POST /spywall/timeConfig.php HTTP/1.1 Host: 192.168.216.133 User-Agent: Mozilla/5.0...