CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...

CVE-2024-51347

CVE-2024-51347 affects the dgiot binary of the LSC Smart Indoor IP Camera (V7.6.32). The vulnerability is a buffer overflow in the ONVIF Time Settings TZ parameter handling, caused by unsafe strcpy() into a fixed-size buffer. Public sources describe an unauthenticated remote code execution path v...

CVE-2024-51347

A buffer overflow vulnerability in the dgiot binary in LSC Smart Indoor IP Camera V7.6.32. The flaw exists in the handling of the Time Zone TZ parameter within the ONVIF configuration interface. The time zone TZ parameter does not have its length properly validated before being copied into a...

CVE-2026-2565

A weakness has been identified in Wavlink WL-NU516U1 20251208. Affected by this issue is the function sub40785C of the file /cgi-bin/adm.cgi. This manipulation of the argument timezone causes stack-based buffer overflow. The attack can be initiated remotely. The attack is considered to have high...

WAVLINK WL-NU516U1 安全漏洞

WAVLINK WL-NU516U1 is a wireless print server developed by WAVLINK Corporation. The version 20251208 of WAVLINK WL-NU516U1 contains a security vulnerability. This vulnerability stems from incorrect handling of the parameter timezone in the file/cgi-bin/adm.cgi, which may lead to a stack buffer...

CVE-2026-2203

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

CVE-2026-2203 Tenda AC8 Embedded Httpd Service fast_setting_wifi_set buffer overflow

A flaw has been found in Tenda AC8 16.03.33.05. Affected by this vulnerability is an unknown functionality of the file /goform/fastsettingwifiset of the component Embedded Httpd Service. This manipulation of the argument timeZone causes buffer overflow. Remote exploitation of the attack is...

CVE-2025-70746

Tenda AX-1806 v1.0.0.1 was discovered to contain a stack overflow in the timeZone parameter of the fromSetSysTime function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

UBUNTU-CVE-2023-53997

In the Linux kernel, the following vulnerability has been resolved: thermal: of: fix double-free on unregistration Since commit 3d439b1a2ad3 "thermal/core: Alloc-copy-free the thermal zone parameters structure", thermalzonedeviceregister allocates a copy of the tzp argument and frees it when...

CVE-2025-14585 itsourcecode COVID Tracking System page sql injection

A vulnerability was found in itsourcecode COVID Tracking System 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/?page=zone. The manipulation of the argument ID results in sql injection. The attack may be launched remotely. The exploit has been made public and...

EUVD-2025-198252

A vulnerability has been found in Tenda AC21 16.03.08.16. This vulnerability affects unknown code of the file /goform/SetSysTimeCfg. The manipulation of the argument timeZone/time leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been disclos...

CVE-2025-63458

Tenda AX-1803 v1.0.0.1 was discovered to contain a stack overflow via the timeZone parameter in the formfastsettingwifiset function. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted request...

CVE-2025-63458

Affected software: Tenda AX-1803 v1.0.0.1. Vulnerability: stack overflow via the timeZone parameter in the form_fast_setting_wifi_set function. Impact: Denial of Service (DoS) from a crafted request. Root cause: input length validation issue causing stack overflow. Exploitation: not detailed in t...

CVE-2025-11385

A vulnerability has been found in Tenda AC20 up to 16.03.08.12. The affected element is the function sscanf of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the publi...

Linux Distros Unpatched Vulnerability : CVE-2024-52762

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A cross-site scripting XSS vulnerability in the component /master/header.php of Ganglia-web v3.73 to v3.76 allows attackers to execute arbitrary web scripts or...

Tenda AC20 安全漏洞

Tenda AC20 is a dual-band wireless router with IPv6 protocol support, featuring a triple-core 1GHz main controller with six 6dBi external antennas and a maximum wireless transmission rate of 2033Mbps. The Tenda AC20 suffers from a buffer overflow vulnerability that originates from improper handli...

WOLFBOX Level 2 EV Charger 安全漏洞

The WOLFBOX Level 2 EV Charger is an electric vehicle charger from WOLFBOX. A security vulnerability exists in the WOLFBOX Level 2 EV Charger that stems from improper handling of the secKey, localKey, stdTimeZone, and devId parameters, which could lead to a heap buffer overflow and remote code...

CVE-2021-30230

The api/ZRFirmware/settimezone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote attackers to execute arbitrary commands via shell metacharacters in the zonename parameter...

CVE-2025-29360

Tenda RX3 USRX3V1.0brV16.03.13.11multiTDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted packet...

WordPress Broadstreet plugin <= 1.51.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via zone Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via zone Parameter vulnerability discovered by Peter Thaleikis in WordPress Plugin Broadstreet Ads versions = 1.51.0...