16 matches found
CVE-2026-5178
A security vulnerability has been detected in Totolink A3300R 17.0.0cu.557b20221024. Affected by this issue is the function setIptvCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument vlanPriLan3 leads to command injection. Remote exploitation of the attack is possible. The...
XWiki 16.10.0-rc-1 < 16.10.4, 17.0.0-rc-1 < 17.1.0 RCE Vulnerability (GHSA-rhfv-688c-p6hp)
XWiki is prone to a remote code execution (RCE) vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only. CPE = "cpe:/a:xwiki:xwiki";...
IObit Advanced SystemCare Ultimate Security Vulnerability
IObit Advanced SystemCare Ultimate is a powerful antivirus and system optimization tool from IObit. A security vulnerability exists in IObit Advanced SystemCare Ultimate version 17.0.0 and earlier, which stems from a function 0x8001E000 in the AscRegistryFilter.sys library of the component IOCTL...
IObit Advanced SystemCare Ultimate Security Vulnerability
IObit Advanced SystemCare Ultimate is a powerful antivirus and system optimization tool from IObit. A security vulnerability exists in IObit Advanced SystemCare Ultimate version 17.0.0 and earlier, which stems from a function 0x8001E004 in the AscRegistryFilter.sys library of the component IOCTL...
Kingsoft WPS Security Vulnerability
Kingsoft WPS is a kind of office software from Kingsoft, a Chinese company. It provides document processing functions. A security vulnerability exists in Kingsoft WPS versions prior to 17.0.0, which stems from the inability to properly clean up filenames before they are interactively processed...
PT-2024-26379 · Kingsoft · Wps Office
Name of the Vulnerable Software and Affected Versions: WPS Office versions prior to 17.0.0 Description: The issue arises from the application's failure to properly sanitize file names before processing them through external application interactions, leading to a form of path traversal. This...
Evmos Security Vulnerability
Evmos is a scalable, high-throughput proof-of-stake blockchain. It is designed for full compatibility and interoperability with Ethereum. A security vulnerability exists in Evmos versions prior to 17.0.0, which stems from the fact that transaction execution does not take into account all state...
F5 Networks BIG-IP : F5 BIG-IP Guided Configuration XSS vulnerability (K21317311)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8 / 16.1.3.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K21317311 advisory. - On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP APM, and F5...
CVE-2023-39957 Path traversal allows tricking the Talk Android app into writing files into its root directory
Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intent allowed malicious third-party apps to trick the Talk Android app into writing files outside of its intended cache directory. Nextcloud Talk Android versi...
PT-2023-27173 · Nextcloud · Nextcloud Talk Android
Name of the Vulnerable Software and Affected Versions: Nextcloud Talk Android versions prior to 17.0.0 Description: Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. An unprotected intent in versions prior to 17.0.0 allowed malicious third-party apps...
F5 Networks BIG-IP : BIG-IP SIP profile vulnerability (K08182564)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5.3 / 15.1.8.1 / 16.1.3.3 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K08182564 advisory. - On BIG-IP versions 16.1.x before 16.1.3.3, 15.1.x before 15.1.8.1, 14.1.x before 14.1.5.3, a...
F5 Networks BIG-IP : BIG-IP TMUI CSRF vulnerability (K49905324)
The version of F5 Networks BIG-IP installed on the remote host is prior to 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K49905324 advisory. - On all versions of 16.1.x, 15.1.x, 14.1.x, 13.1.x, 12.1.x, and 11.6.x of F5 BIG-IP fixed in 17.0.0, a cross-site request...
Cross-site Scripting in Keycloak
A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak version 15. The issue was fixed in version 17.0.0...
GHSA-XPGC-J48J-JWV9 Cross-site Scripting in Keycloak
A POST based reflected Cross Site Scripting vulnerability on has been identified in Keycloak version 15. The issue was fixed in version 17.0.0...
F5 Networks BIG-IP : BIND vulnerability (K77326807)
The version of F5 Networks BIG-IP installed on the remote host is prior to 13.1.5 / 14.1.5 / 15.1.6 / 16.1.3 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K77326807 advisory. In BIND 9.3.0 - 9.11.35, 9.12.0 - 9.16.21, and versions 9.9.3-S1 - 9.11.35-S1 and 9.16.8-S1...
F5 Networks BIG-IP : glibc vulnerability (K27238230)
The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.4.5 / 15.1.4.1 / 16.1.2 / 17.0.0. It is, therefore, affected by a vulnerability as referenced in the K27238230 advisory. sysdeps/i386/ldbl2mpn.c in the GNU C Library aka glibc or libc6 before 2.23 on x86 targets has a...