Lucene search
K

20 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/11 7:16 a.m.10 views

Malicious code in 0x2ai-zoe (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 724bd98c39a8e4ff21b039fddeadfda7f0ef7e3c6be47e771d72efed77d02b1b On npm install, scripts/postinstall.cjs copies the entire payload/ tree into process.env.INITCWD the directory the developer ran npm from, depositing...

5.5AI score
Exploits0References2
EUVD
EUVD
added 2025/11/20 3:30 p.m.6 views

EUVD-2025-198252

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...

9CVSS6.8AI score0.03398EPSS
Exploits1References8
CNVD
CNVD
added 2025/11/14 12:0 a.m.4 views

Tenda AX-1803 SetSysTimeCfg function stack buffer overflow vulnerability

Tenda AX-1803 is a dual-band Gigabit WiFi6 wireless router from Tenda that supports dual bands of 2.4GHz and 5GHz with a maximum transmission rate of 1774Mbps for home or small office scenarios. The Tenda AX-1803 suffers from a stack buffer overflow vulnerability that originates from the time...

7.5CVSS7.4AI score0.00324EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-1999-1209

Malware in sbrugna...

7.5CVSS6.4AI score0.01925EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-29851

Malware in sbrugna...

10CVSS9.2AI score0.0209EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2025-19511

Malicious code in bioql PyPI...

9CVSS8.8AI score0.00788EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-46055

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00701EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2025/09/10 12:0 a.m.168 views

📄 Shenzhen Aitemi M300 Wi-Fi Repeater Unauthenticated Remote Code Execution

This Metasploit module exploits an unauthenticated remote command injection vulnerability in the Shenzhen Aitemi M300 Wi-Fi Repeater hardware model MT02. The vulnerability lies in the time parameter of the time configuration endpoint, which is passed unsanitized to a shell command executed via th...

9.4CVSS7.9AI score0.61676EPSS
Exploits5
CNNVD
CNNVD
added 2025/07/25 12:0 a.m.4 views

Tenda AC20 安全漏洞

Tenda AC20 is a dual-band wireless router with IPv6 protocol support, featuring a triple-core 1GHz main controller with six 6dBi external antennas and a maximum wireless transmission rate of 2033Mbps. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from improper handli...

9CVSS7.9AI score0.01245EPSS
Exploits1References6
OSV
OSV
added 2025/07/24 3:15 p.m.4 views

CVE-2025-51085

Tenda AC8V4 V16.03.34.06 was discovered to contain stack overflow at /goform/SetSysTimeCfg. The manipulation of the argument timeZone and timeType leads to stack-based buffer overflow...

5.3CVSS6.2AI score0.06769EPSS
Exploits1References2
OSV
OSV
added 2025/06/30 5:15 a.m.8 views

CVE-2025-6887

A vulnerability was found in Tenda AC5 15.03.06.47 and classified as critical. Affected by this issue is some unknown functionality of the file /goform/SetSysTimeCfg. The manipulation of the argument time/timeZone leads to stack-based buffer overflow. The attack may be launched remotely. The...

8.7CVSS6.5AI score0.00788EPSS
Exploits1References7
OSV
OSV
added 2025/06/06 8:15 p.m.8 views

CVE-2025-5798

A vulnerability was found in Tenda AC8 16.03.34.09. It has been classified as critical. Affected is the function fromSetSysTime of the file /goform/SetSysTimeCfg. The manipulation of the argument timeType leads to stack-based buffer overflow. It is possible to launch the attack remotely. The...

8.7CVSS6.4AI score0.00998EPSS
Exploits1References6
Citrix
Citrix
added 2024/06/25 12:0 a.m.9 views

Change in Android Enterprise configuration for XenMobile On-premises environment.

Awareness for XenMobile On-premises server admins about the Android Enterprise configuration first time setup...

7.1AI score
Exploits0
NVD
NVD
added 2023/08/14 5:15 p.m.29 views

CVE-2023-40359

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters i.e., neither alphanumeric nor underscore, aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain experimental feature...

9.8CVSS9.4AI score0.00734EPSS
Exploits0References1
Prion
Prion
added 2023/08/14 5:15 p.m.19 views

Buffer overflow

xterm before 380 supports ReGIS reporting for character-set names even if they have unexpected characters i.e., neither alphanumeric nor underscore, aka a pointer/overflow issue. This can only occur for xterm installations that are configured at compile time to use a certain experimental feature...

7.5CVSS9.3AI score0.00734EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2022/10/19 7:15 p.m.6 views

CVE-2022-43029

Tenda TX3 USTX3V1.0brV16.03.13.11multiTDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg...

9.8CVSS5.9AI score0.00755EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/10/19 12:0 a.m.8 views

CVE-2022-43029

Tenda TX3 USTX3V1.0brV16.03.13.11multiTDE01 was discovered to contain a stack overflow via the time parameter at /goform/SetSysTimeCfg...

9.9AI score0.00755EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2022/03/18 9:15 p.m.2 views

CVE-2022-25459

Tenda AC6 v15.03.05.09multi was discovered to contain a stack overflow via the S1 parameter in the SetSysTimeCfg function...

10CVSS7.2AI score0.01665EPSS
Exploits1References2
GithubExploit
GithubExploit
added 2021/01/05 5:38 p.m.141 views

Exploit for Cross-site Scripting in Beetel 777Vr1_Firmware

CVE-2020-25498: Stored XSS via CSRF in Beetel 777VR1 Router...

4.8CVSS5.1AI score0.01085EPSS
Exploits2
0day.today
0day.today
added 2020/04/10 12:0 a.m.177 views

Symantec Web Gateway 5.0.2.8 Remote Code Execution Exploit

Exploit for windows platform in category web applications Title: Postauth RCE in Symantec Web Gateway 5.0.2.8 Vendor: www.symantec.com Vulnerable software: www.symantec.com Repo: https://github.com/c610/free/ POST /spywall/timeConfig.php HTTP/1.1 Host: 192.168.216.133 User-Agent: Mozilla/5.0...

7.4AI score
Exploits0
Rows per page
Query Builder