CVE-2026-2192 Tenda AC9 formGetRebootTimer stack-based overflow

A security vulnerability has been detected in Tenda AC9 15.03.06.42multi. Affected by this vulnerability is the function formGetRebootTimer. Such manipulation of the argument sys.schedulereboot.starttime/sys.schedulereboot.endtime leads to stack-based buffer overflow. The attack may be launched...

EUVD-2025-6270

Malicious code in bioql PyPI...

Teledyne FLIR AX8 命令注入漏洞

Teledyne FLIR AX8 is a U.S. etc are products of the U.S. Teledyne FLIR company.Teledyne FLIR AX8 is a series of thermal surveillance cameras.TanStack form etc are products of the TanStack open source. form is a form status manager.FLIR AX8 etc are products of the U.S. FLIR AX8 is a thermal sensor...

CVE-2025-28030

TOTOLINK A810R V4.1.2cu.5182B20201026 was discovered to contain a stack overflow via the startTime and endTime parameters in setParentalRules function...

LB-LINK BL-AC2100 命令注入漏洞

LB-LINK BL-AC2100 is a wireless Wi-Fi 6 router from China Bilink LB-LINK. A command injection vulnerability exists in LB-LINK BL-AC2100 V1.0.4 and earlier versions, which stems from improper handling of the time1 and time2 parameters, and could lead to remote code execution...

CVE-2025-29360

Tenda RX3 USRX3V1.0brV16.03.13.11multiTDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted packet...

CVE-2025-29360

Tenda RX3 USRX3V1.0brV16.03.13.11multiTDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted packet...

The vulnerability of the setParentalRules function (/cgi-bin/cstecgi.cgi) of the Totolink N350RT router software allows a violator to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the setParentalRules function /cgi-bin/cstecgi.cgi of the Totolink N350RT router software arises due to a buffer overflow occurring during the processing of parameters week, sTime, and eTime. Exploiting this vulnerability allows an attacker to compromise the confidentiality,...

Tenda 4G300 安全漏洞

The Tenda 4G300 is a portable wireless router aimed at users who need mobile Internet access scenarios. The Tenda 4G300 suffers from a buffer overflow vulnerability that stems from incorrect manipulation of the parameters year/month/day/hour/minute/second, for which no detailed vulnerability...

The vulnerability of the httpd daemon in the embedded software of the NETGEAR R7000P router allows a hacker to execute arbitrary code.

The vulnerability of the httpd daemon in the NETGEAR R7000P integrated router software is related to buffer overflow vulnerabilities through parameters such as starthour, startminute, endhour, and endminute. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

NETGEAR R7000P 缓冲区错误漏洞

NETGEAR R7000P is a wireless router from NETGEAR, Inc. A security vulnerability exists in NETGEAR R7000P v1.3.1.64, which stems from being affected by the starthour, startminute, endhour, and endminute parameters in /usr/sbin/httpd. No detailed vulnerability details are currently available...

PYSEC-2022-43182

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...

UBUNTU-CVE-2022-2514

The time and filter parameters in Fava prior to v1.22 are vulnerable to reflected XSS due to the lack of escaping of error messages which contained the parameters in verbatim...

CVE-2022-27000

Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and time zone function via the hprimaryntpserver, hbackupntpserver, and htimezone parameters. This vulnerability allows attackers to execute arbitrary commands via a crafted request...

CVE-2021-46230

D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection vulnerability in the function upgradefilter. This vulnerability allows attackers to execute arbitrary commands via the path and time parameters...

NEC Aterm HC100RC Buffer Overflow Vulnerability

The NEC Aterm HC100RC is a network camera from Nippon Electric NEC. A buffer overflow vulnerability exists in the NEC Aterm HC100RC using firmware version 1.0.1 and earlier. The vulnerability can be exploited by an attacker to execute arbitrary code with the help of the 'date', 'time' and 'offset...

GENEXIS devices with DRGOS remote code execution vulnerability

GENEXIS devices with DRGOS is an operating system for use in home network gateways from the Dutch company GENEXIS. A security vulnerability exists in the Parental control panel in GENEXIS devices with DRGOS versions prior to 1.14.1. A remote attacker can exploit the vulnerability with the help of...