10 matches found
CVE-2026-24112
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addWewifiWhiteUser function and processed by sscanf without size validation, it could lead to a buffer overflow vulnerability...
Tenda W20E 安全漏洞
The Tenda W20E is a router produced by the Chinese company Tenda. The Tenda W20E V4.0brV15.11.0.6 version contains a security vulnerability. This vulnerability stems from the lack of size validation when processing the userInfo parameter, which may lead to a buffer overflow...
Tenda W20E 安全漏洞
The Tenda W20E is a router produced by the Chinese company Tenda. The Tenda W20E V4.0brV15.11.0.6 version contains a security vulnerability. This vulnerability stems from the lack of size validation when processing the userInfo parameter, which may lead to a buffer overflow...
PT-2026-22601
Name of the Vulnerable Software and Affected Versions Tenda W20E version 4.0br V15.11.0.6 Description An issue exists in Tenda W20E firmware where improper input validation can lead to a buffer overflow. Attackers can exploit this by manipulating the userInfo variable. Specifically, when the...
CVE-2026-24112
An issue was discovered in Tenda W20E V4.0brV15.11.0.6. Attackers may exploit the vulnerability by specifying the value of userInfo. When userInfo is passed into the addWewifiWhiteUser function and processed by sscanf without size validation, it could lead to a buffer overflow vulnerability...
EUVD-2023-1380
Malicious code in bioql PyPI...
CVE-2023-27495
@fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. The CSRF protection enforced by the @fastify/csrf-protection library in combination with @fastify/cookie can be bypassed from network and same-site attackers under certain conditions...
CVE-2023-27495 Bypass of CSRF protection in the presence of predictable userInfo in @fastify/csrf-protection
@fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. The CSRF protection enforced by the @fastify/csrf-protection library in combination with @fastify/cookie can be bypassed from network and same-site attackers under certain conditions...
CVE-2023-27495 Bypass of CSRF protection in the presence of predictable userInfo in @fastify/csrf-protection
@fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. The CSRF protection enforced by the @fastify/csrf-protection library in combination with @fastify/cookie can be bypassed from network and same-site attackers under certain conditions...
Parameters in userinfo.php in Shield Spirit public number promotion system v1.3 have sql injection vulnerabilities
Shield Spirit public number promotion system is mainly applied to public number promotion alliance, suitable for personal and business subscription number and service number or enterprise number. Shield Spirit public promotion system v1.3 userinfo.php parameters in the existence of sql injection...