CVE-2025-65427

An issue was discovered in Dbit N300 T1 Pro Easy Setup Wireless Wi-Fi Router on firmware version V1.0.0 does not implement rate limiting to /api/login allowing attackers to brute force password enumerations...

CVE-2025-57213

Incorrect access control in the component orderService.queryObject of platform v1.0.0 allows attackers to access sensitive information via a crafted request...

CVE-2023-46556

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formFilter...

CVE-2023-46559

TOTOLINK X2000R Gh v1.0.0-B20230221.0948.web was discovered to contain a stack overflow via the function formIPv6Addr...

Command injection in Git package in Wrangler

Impact A command injection vulnerability was discovered in Wrangler's Git package affecting versions up to and including v1.0.0. Wrangler's Git package uses the underlying Git binary present in the host OS or container image to execute Git operations. Specially crafted commands can be passed to...

Halo cross-site scripting vulnerability (CNVD-2022-08379)

Halo is a personal blogging system for individual developers. Halo suffers from a cross-site scripting vulnerability that originates in Halo, versions v1.0.0 through v1.4.17 latest are susceptible to cross-site scripting XSS stored in the title of a post, which can be exploited by an attacker to...

SUSE-SU-2020:0944-1 Security update for runc

This update for runc fixes the following issues: runc was updated to v1.0.0rc10 - CVE-2019-19921: Fixed a mount race condition with shared mounts bsc1160452. - Fixed an issue where podman run hangs when spawned by salt-minion process bsc1149954...