Lucene search
K
Bdu FstecRecent

90336 matches found

BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the PIM Core Upload module of the PHP software platform pimcore allows a attacker to perform XSS attacks.

The vulnerability of the PIM Core Upload module of the PHP software platform, pimcore, is related to the lack of measures taken to protect the structure of the web page. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

8.5CVSS5.7AI score0.01039EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the Mattermost instant messaging application, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the Mattermost instant messaging application is related to an uncontrolled resource consumption due to the processing of large HTTP requests. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.8AI score0.00254EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the LXD container management system, which stems from insufficient validation of input data, allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.

The vulnerability of the LXD container management system is related to insufficient validation of input data. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of protected information...

9.1CVSS5.8AI score0.00424EPSS
Exploits1References7Affected Software4
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.3 views

The vulnerability of the pstrip64.sys driver, a utility for configuring video card and monitor parameters, allows a hacker to modify critical kernel structures or increase their privileges.

The vulnerability of the pstrip64.sys driver, a utility for configuring video card and monitor parameters, is related to deficiencies in access control. Exploiting this vulnerability could allow an attacker to modify critical kernel structures or increase their privileges...

7.8CVSS5.8AI score0.00107EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerability of the get_dashboard_data() function in the customer support management platform for Frappe Helpdesk allows a hacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the getdashboarddata function in the Frappe Helpdesk customer support platform relates to the lack of protective measures for the SQL query structure. Exploiting this vulnerability allows an attacker to compromise the confidentiality, integrity, and accessibility of the...

9CVSS5.8AI score0.00468EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.1 views

The vulnerabilities of SAP HANA Cockpit and SAP HANA Database Explorer tools, related to insufficient protection of registration data, allow attackers to compromise the confidentiality of protected information.

The vulnerability of SAP HANA Cockpit and SAP HANA Database Explorer tools is related to insufficient protection of registration data. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality of the protected information...

5CVSS5.8AI score0.00304EPSS
Exploits2References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.3 views

The vulnerability of the formPortFw() function in TRENDnet TEW-432BRP router’s microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the formPortFw function in TRENDnet TEW-432BRP router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

9CVSS6.4AI score0.00463EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the ConnectToSynactis method of the ActiveX Synactis PDF In-The-Box control (PDF_IN_1.ocx) allows a attacker to execute arbitrary code.

The vulnerability of the ConnectToSynactis method of the ActiveX Synactis PDF In-The-Box control PDFIN1.ocx is related to the issue of operations going out of the buffer in memory when the code generation is not properly managed. Exploiting this vulnerability could allow a remote attacker to...

7.5CVSS6.3AI score0.01173EPSS
Exploits0References6
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the qfq_reset_qdisc() function in the net/sched/sch_qfq.c module of the network scheduling subsystem of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the qfqresetqdisc function in the net/sched/schqfq.c module, within the net/sched subsystem of the Linux operating system’s kernel, is related to the dereferencing of a NULL pointer. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References10Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the AMF function in the src/amf/ngap-handler.c script, a tool for creating and managing NR/LTE Open5GS mobile networks, allows a attacker to cause a service failure.

The vulnerability of the AMF function in the src/amf/ngap-handler.c script, a tool for creating and managing NR/LTE Open5GS mobile networks, is related to deficiencies in the authentication process. Exploiting this vulnerability could allow an attacker to cause service interruptions...

7.5CVSS5.8AI score0.00419EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of Delta Electronics’ DIAView SCADA system lies in the incorrect limitation of the path name to the catalog, allowing a intruder to disclose protected information.

The vulnerability of the SCADA system from Delta Electronics’ DIAView relates to incorrect restrictions on the name of the path leading to the catalog. Exploiting this vulnerability could allow a malicious actor to disclose sensitive information about infected Delta Electronics DIAView...

7.8CVSS5.7AI score0.11131EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.3 views

The vulnerability of the formSetEnableWizard() function in TRENDnet TEW-432BRP router software allows a hacker to execute arbitrary code.

The vulnerability of the formSetEnableWizard function in TRENDnet TEW-432BRP router software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

9CVSS6.4AI score0.00472EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the SSH service in the TP-Link Archer C64 router’s microprogramming software allows a attacker to execute a brute-force attack.

The vulnerability of the SSH service in TP-Link Archer C64 software routers involves bypassing authentication by using an alternative path or channel. Exploiting this vulnerability allows a malicious actor to execute a brute-force attack remotely...

8.8CVSS5.8AI score0.0051EPSS
Exploits0References4
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the npm library Color-Convert, related to the presence of undeclared functions, allows a hacker to execute arbitrary code.

The vulnerability of the npm library Color-Convert is related to the presence of undeclared capabilities. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS6.1AI score0.00378EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability in the mission_block.cpp component of the PX4 Autopilot system allows a intruder to alter the flight path of the aircraft.

The vulnerability of the missionblock.cpp component in the PX4 Autopilot system management software is related to incorrect handling of values. Exploiting this vulnerability could allow an attacker to alter the flight path of the aircraft...

6.6CVSS5.8AI score0.00242EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the PX4 Autopilot system, which involves copying buffers without checking the size of the input data, allows a intruder to trigger a service failure.

The vulnerability of the missionblock.cpp component in the PX4 Autopilot system management software lies in the copying of buffers without checking the size of the input data. Exploiting this vulnerability could allow a hacker to cause a service failure...

4.4CVSS5.8AI score0.00256EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the HTTP GET Request Handler component of the LibreChat artificial intelligence-based platform allows a attacker to perform XSS attacks.

The vulnerability of the HTTP GET Request Handler component of the LibreChat artificial intelligence-based platform is related to the lack of measures taken to protect the website structure. Exploiting this vulnerability allows a malicious actor to carry out XSS attacks remotely...

5.5CVSS5.7AI score0.00423EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.3 views

The vulnerability of the moodle-mod_customcert plugin in the virtual learning environment Moodle, which allows a intruder to gain unauthorized access to protected information

The vulnerability of the moodle-modcustomcert plugin in the virtual learning environment Moodle relates to bypassing authentication using a key controlled by the user. Exploiting this vulnerability could allow an intruder, operating remotely, to gain unauthorized access to protected information...

9.6CVSS5.8AI score0.00168EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the software for automating browser processes in Skyvern lies in the lack of measures to neutralize special elements in the template creation mechanism. This allows a perpetrator to execute arbitrary code.

The vulnerability of the software for automating browser processes in Skyvern is related to the lack of measures taken to neutralize special elements in the template creation mechanism. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS6.1AI score0.13746EPSS
Exploits6References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the nossrf software lies in its insufficiently checked incoming requests, which allows a perpetrator to execute an SSRF attack.

The vulnerability of the nossrf software is related to insufficient testing of incoming requests. Exploiting this vulnerability allows a remote attacker to execute an SSRF attack...

8.5CVSS5.9AI score0.00365EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power supplies arises from improper encoding or shielding of output data. This allows a intruder to compromise the integrity of the protected information.

The vulnerability of the PowerChute Serial Shutdown software for managing uninterruptible power sources is related to improper encoding or shielding of output data. Exploiting this vulnerability could allow an attacker operating remotely to compromise the integrity of the protected information...

5.3CVSS5.8AI score0.00186EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the setPortalConfWeChat() function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setPortalConfWeChat function in the cgi-bin/cstecgi.cgi script of the TOTOLINK A7100RU router’s microprogramming system is related to the lack of measures taken at the management level to protect data. Exploiting this vulnerability could allow an attacker to execute...

10CVSS7.5AI score0.02981EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.2 views

The vulnerability of the Platinum Host Service antivirus software, Trend Micro Internet Security, allows a hacker to execute arbitrary code within the SYSTEM context.

The vulnerability of the Platinum Host Service antivirus software, Trend Micro Internet Security, is related to improper termination or release of resources. Exploiting this vulnerability can allow an attacker to execute arbitrary code within the context of the SYSTEM process...

7.8CVSS6.1AI score0.00144EPSS
Exploits0References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/06/01 12:0 a.m.8 views

The vulnerability of the npm library Color-Name relates to the presence of undeclared functions, allowing a hacker to execute arbitrary code.

The vulnerability of the npm library Color-Name is related to the presence of undeclared functions. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS6.4AI score0.00473EPSS
Exploits0References7Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the setTelnetCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the setTelnetCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router’s microprogramming software is related to the failure to take measures to neutralize special elements used in the operating system’s command for handling the telnetenabled parameter. Exploiting this...

10CVSS7.6AI score0.01803EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.3 views

The vulnerability of the fromSafeEmailFilter() function (/goform/SafeEmailFilter) in the Tenda F451 router software allows a hacker to execute arbitrary code or cause service failures.

The vulnerability of the fromSafeEmailFilter function /goform/SafeEmailFilter in the Tenda F451 router software lies in the issue of the operation being executed outside the buffer in memory when processing the page parameter. Exploiting this vulnerability allows a malicious actor to execute...

9CVSS7.8AI score0.00511EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the bit_read_RC() function in the Dwgbmp Utility component, a library for processing DWG format files in LibreDWG, allows a hacker to cause a service failure.

The vulnerability of the bitreadRC function in the Dwgbmp Utility component, a library for processing DWG format files in the LibreDWG library, is related to the execution of operations outside the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause service...

7.5CVSS6.1AI score0.00339EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the IBM HTTP Server web server, related to improper code generation management, allows attackers to execute arbitrary code or cause service failures.

The vulnerability of the IBM HTTP Server is related to incorrect code generation management. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause service interruptions...

10CVSS6.2AI score0.00488EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the authorization mechanism for performers of artificial intelligence workflow runners on a Git-based software platform for collaborative code development on GitLab allows a perpetrator to compromise the confidentiality and integrity of the protected information.

The vulnerability of the authorization mechanism for performers of artificial intelligence AI workflow runners on a Git-based software platform for collaborative code development on GitLab relates to bypassing authorization by using a user-controlled key. Exploiting this vulnerability could allow...

8.2CVSS5.8AI score0.00341EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.3 views

The vulnerability of the shortcuts.xml configuration file of the text editor Notepad++ allows a hacker to execute arbitrary code.

The vulnerability of the shortcuts.xml configuration file of the text editor Notepad++ is related to the failure to remove special elements. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6AI score0.0036EPSS
Exploits3References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the Boa HTTP-server microprogramming software-based routers from Tenda HG9 allows attackers to execute arbitrary code or cause service failures.

The vulnerability of the Boa HTTP-server microprogrammed routing software from Tenda HG9 involves the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

9CVSS8AI score0.00556EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the sub_4151FC() function in the embedded web server of the D-Link DIR-825M router’s software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the sub4151FC function in the embedded web server of the D-Link DIR-825M router’s software is related to the copying of buffer data without checking the size of the input data during the processing of the submit-url parameter. Exploiting this vulnerability allows an attacker ...

9CVSS7.8AI score0.0069EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.3 views

The vulnerability of the sub_453140() function in D-Link DWR-M960 router microprogramming software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the sub453140 function in D-Link DWR-M960 router microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause malfunctions in the device...

9CVSS8AI score0.00728EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the setLoginPasswordCfg() function (/cgi-bin/cstecgi.cgi) in the TOTOLINK A7100RU router’s software allows a hacker to execute arbitrary commands.

The vulnerability of the setLoginPasswordCfg function /cgi-bin/cstecgi.cgi of the TOTOLINK A7100RU router software is related to the failure to take measures to neutralize special elements used in the operating system’s processing of the admpass parameter. Exploiting this vulnerability allows a...

10CVSS7.6AI score0.01803EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the formWlanSetup() function in Tenda HG9 router software allows a hacker to execute arbitrary code or cause a service failure.

The vulnerability of the formWlanSetup function in the Tenda HG9 router’s microprogramming software is related to the execution of operations outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code or cause a service failure...

9CVSS8AI score0.00556EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.3 views

The vulnerability of AMD’s microprogramming software lies in the improper isolation of common resources between trusted and untrusted agents, allowing attackers to elevate their privileges.

The vulnerability of AMD’s microprogrammed software lies in the improper isolation of common resources between trusted and untrusted agents. Exploiting this vulnerability can allow attackers to increase their privileges...

7CVSS5.8AI score0.00258EPSS
Exploits0References3Affected Software17
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the `DcmByteString::makeDicomByteString` function in the `dcmdata/libsrc/dcbytstr.cc` library, which is used for working with DICOM format files. This vulnerability allows an attacker to cause a service failure.

The vulnerability of the DcmByteString::makeDicomByteString function in the dcmdata/libsrc/dcbytstr.cc library, which is used for working with DICOM format data, relates to the issue of the operation being executed outside of the buffer’s memory boundaries. Exploiting this vulnerability could all...

6.5CVSS5.8AI score0.00233EPSS
Exploits0References6Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the Linux operating system’s kernel SVM component, which allows a hacker to cause a service failure

The vulnerability of the Linux operating system’s kernel SVM component is related to insufficient checks on the state of shared resources. Exploiting this vulnerability can allow attackers to cause service failures...

5.5CVSS6AI score0.00161EPSS
Exploits0References12Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.3 views

The vulnerability of the netfilter component in the Linux operating system’s kernel, which leads to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the netfilter component in the Linux operating system’s kernel is related to uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

7.8CVSS5.8AI score0.00327EPSS
Exploits0References14Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab, related to the distribution of resources without any restrictions or regulations, allows a violator to trigger a service failure.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to the distribution of resources without any restrictions or regulations. Exploiting this vulnerability allows a malicious actor to cause service interruptions remotely...

6.8CVSS5.8AI score0.00471EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the Git-based software platform for collaborative code development on GitLab stems from deficiencies in the authentication process, which allows unauthorized users to gain unauthorized access to protected information.

The vulnerability of the Git-based software platform for collaborative code development on GitLab is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor, operating remotely, to gain unauthorized access to protected information...

4.3CVSS5.8AI score0.00243EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the IBM HTTP Server, related to the swapping of an untrusted pointer, allows a attacker to disclose sensitive information or cause service failures.

The vulnerability of the IBM HTTP Server is related to the misuse of a trusted pointer. Exploiting this vulnerability can allow an attacker to disclose sensitive information or cause service failures...

7.3CVSS5.7AI score0.00252EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the mod_mem_cache module in the IBM HTTP Server allows a hacker to cause a service failure.

The vulnerability of the modmemcache module in the IBM HTTP Server relates to the pointer being set to expired. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...

7.8CVSS5.8AI score0.00359EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the Duo Workflows API interface of the software platform based on git for collaborative code development on GitLab EE allows a perpetrator to circumvent existing security restrictions.

The vulnerability of the Duo Workflows API interface of the software platform based on git for collaborative code development in GitLab EE is related to deficiencies in the authentication process. Exploiting this vulnerability could allow a malicious actor to circumvent existing security...

4.3CVSS5.8AI score0.00196EPSS
Exploits0References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the config.xml configuration file of the Notepad++ text editor allows a hacker to execute arbitrary code.

The vulnerability of the config.xml configuration file of the text editor Notepad++ is related to the lack of measures taken to eliminate special elements during the processing of the commandLineInterpreter parameter. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

7.8CVSS6AI score0.01314EPSS
Exploits5References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the sub_425A28() function (/goform/DelFil) of the Tenda 4G300 router’s microprogramming software allows a attacker to execute arbitrary commands.

The vulnerability of the sub425A28 function /goform/DelFil of the Tenda 4G300 router’s microprogramming system is related to the lack of measures taken to neutralize special elements during the processing of the delflag parameter. Exploiting this vulnerability allows a remote attacker to execute...

6.5CVSS6.9AI score0.01314EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the fromGstDhcpSetSer() function in the httpd daemon’s microprogramming software for Tenda F456 allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the fromGstDhcpSetSer function in the httpd daemon’s microprogramming-based router software Tenda F456 is related to the issue where operations are performed outside of the buffer in memory when processing the dips parameter. Exploiting this vulnerability allows a remote...

9CVSS7.9AI score0.00619EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the formWrlExtraSet() function (/goform/WrlExtraSet) in the Tenda F451 router software allows a attacker to execute arbitrary code or cause service interruptions.

The vulnerability of the formWrlExtraSet function /goform/WrlExtraSet of the Tenda F451 router software lies in the fact that the operation’s output goes beyond the buffer in memory when processing the GO parameter. Exploiting this vulnerability allows a remote attacker to execute arbitrary code ...

9CVSS7.8AI score0.00511EPSS
Exploits0References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability of the iommu/mediatek component in the Linux operating system’s kernel allows a hacker to cause a service failure.

The vulnerability of the iommu/mediatek component in the Linux operating system’s kernel is related to the use of memory after it is freed. Exploiting this vulnerability can allow an attacker to cause a service failure...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References11Affected Software2
BDU FSTEC
BDU FSTEC
added 2026/05/29 12:0 a.m.2 views

The vulnerability in the net/mptcp/subflow.c component of the Linux operating system allows a attacker to cause a service failure.

The vulnerability of the net/mptcp/subflow.c component in the Linux operating system is related to synchronization errors when using shared resources. Exploiting this vulnerability can allow an attacker to cause a service failure...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References12Affected Software2
Total number of security vulnerabilities90336