Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: net: hns3 – added validation of the VLAN ID before using it. Currently, the VLAN ID can be used without validation when receiving a VLAN configuration mailbox from VF. The length of vlansdelfailbmap is BITSTOLONGSVLANNVID. This m...

CVE-2026-2925

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack...

CVE-2026-2925

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack...

CVE-2026-2925 D-Link DWR-M960 Bridge VLAN Configuration Endpoint formBridgeVlan sub_42B5A0 stack-based overflow

A vulnerability was detected in D-Link DWR-M960 1.01.07. Affected by this issue is the function sub42B5A0 of the file /boafrm/formBridgeVlan of the component Bridge VLAN Configuration Endpoint. Performing a manipulation of the argument submit-url results in stack-based buffer overflow. The attack...

D-Link DWR-M960 安全漏洞

The D-Link DWR-M960 is a router produced by D-Link Corporation. The D-Link DWR-M960 version 1.01.07 has a security vulnerability. This vulnerability stems from incorrect handling of parameters submitted in the function sub42B5A0 within the component Bridge VLAN Configuration Endpoint’s...

SUSE CVE-2025-71112

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlandelfailbmap is BITSTOLONGSVLANNVID. It may cause...

CVE-2025-71112

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add VLAN id validation before using Currently, the VLAN id may be used without validation when receive a VLAN configuration mailbox from VF. The length of vlandelfailbmap is BITSTOLONGSVLANNVID. It may cause...

CVE-2023-25582

Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the code branch...

CVE-2023-25583

Two OS command injection vulnerabilities exist in the zebra vlanname functionality of Milesight UR32L v32.3.0.5. A specially crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is in the code branch...

CVE-2025-12213

A security vulnerability has been detected in Tenda O3 1.0.0.102478. This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

PT-2025-43873

Name of the Vulnerable Software and Affected Versions Tenda O3 version 1.0.0.102478 Description A security issue exists in Tenda O3 version 1.0.0.102478. The SetValue/GetValue function within the /goform/setVlanConfig file is susceptible to a stack-based buffer overflow. This occurs through...

Tenda O3 安全漏洞

Tenda O3 is an outdoor wireless bridge from Tenda, China. The Tenda O3 suffers from a buffer overflow vulnerability that stems from the parameter lan in the file /goform/setVlanConfig failing to properly validate the length of the input data, which can be exploited by an attacker to cause a stack...

EUVD-2013-4539

Malware in sbrugna...

EUVD-2023-29525

Malicious code in bioql PyPI...

EUVD-2023-29524

Malicious code in bioql PyPI...

CVE-2024-44573

A stored cross-site scripting XSS vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

PT-2026-2873

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the networking subsystem related to the hns3 driver. Specifically, the system lacks proper validation of VLAN IDs received from a Virtual Function VF...

CVE-2024-44573

A stored cross-site scripting XSS vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

CVE-2024-44573

A stored cross-site scripting XSS vulnerability in the VLAN configuration of RELY-PCIe v22.2.1 to v23.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload...

PT-2024-31188 · Rely-Pcie · Rely-Pcie

Name of the Vulnerable Software and Affected Versions: RELY-PCIe versions 22.2.1 through 23.1.0 Description: A stored cross-site scripting XSS vulnerability in the VLAN configuration allows attackers to execute arbitrary web scripts or HTML via a crafted payload. Recommendations: For RELY-PCIe...