130931 matches found
WAVLINK AC3000 internet.cgi set_qos function cli_name parameter buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the cliname parameter of the internet.cgi setqos function that fails to correctly validate the length of the input data, an...
WAVLINK AC3000 login.cgi Goto_chidx function buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the login.cgi Gotochidx function failing to correctly validate the length of the input data, and can be exploited by a remo...
WAVLINK AC3000 login.cgi restart_hour_value parameter command injection vulnerability in set_sys_init function
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the restarthourvalue parameter of the login.cgi setsysinit function failing to correctly filter the constructor command specia...
TOTOLINK X5000R recHour Parameter Command Injection Vulnerability in the setScheduleCfg Function
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "recHour" parameter in setScheduleCfg failing to correctly filter for constructor special characters,...
Adobe Photoshop Digital Error Vulnerability
Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. A security vulnerability exists in Adobe Photoshop, which can be exploited by an attacker to potentially cause arbitrary code to be executed in the...
Unspecified Vulnerability in Microsoft Windows Telephony Server (CNVD-2025-02538)
Microsoft Windows Telephony Server is a component of Microsoft Corporation USA that supports the Telephony Application Programming Interface TAPI, which allows computer programs to communicate with shared telephony services. A security vulnerability exists in Microsoft Windows Telephony Server. A...
Unspecified Vulnerability in Microsoft Windows Secure Boot (CNVD-2025-02537)
Microsoft Windows Secure Boot is a secure boot from Microsoft USA. A security vulnerability exists in Microsoft Windows Secure Boot. An attacker could exploit the vulnerability to bypass certain features...
Microsoft Message Queuing Denial of Service Vulnerability (CNVD-2025-02137)
Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to cause a denial of service on the system...
Microsoft Message Queuing Denial of Service Vulnerability (CNVD-2025-02134)
Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to cause a denial of service on the system...
Microsoft MapUrlToZone Denial of Service Vulnerability
Microsoft MapUrlToZone is a lightweight console application written in C++ by Microsoft. A security vulnerability exists in Microsoft MapUrlToZone. An attacker could exploit this vulnerability to cause a denial of service...
Microsoft IP Helper Resource Management Error Vulnerability
Microsoft IP Helper is a Microsoft API Application Programming Interface for managing local computer network configurations. A security vulnerability exists in Microsoft IP Helper. An attacker could exploit the vulnerability to cause a denial of service on the system...
Microsoft Graphics Component elevation of privilege vulnerability (CNVD-2025-02131)
Microsoft Graphics Component is a graphics driver component of Microsoft Corporation USA. A security vulnerability exists in Microsoft Graphics Component. An attacker could exploit the vulnerability to elevate privileges...
Microsoft Brokering File System Elevation of Privilege Vulnerability
Microsoft Brokering File System is a file system from the American company Microsoft. A security vulnerability exists in Microsoft Brokering File System. An attacker could exploit the vulnerability to elevate privileges...
Microsoft Active Directory Domain Services Elevation of Privilege Vulnerability (CNVD-2025-02127)
Microsoft Active Directory Domain Services is a key service from Microsoft Corporation USA for managing and organizing resources, users, computers, and other security objects in a network. A security vulnerability exists in Microsoft Active Directory Domain Services. An attacker could exploit the...
Adobe Substance 3D Stager Buffer Overflow Vulnerability (CNVD-2025-02126)
Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance 3D Stager that can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...
Adobe Substance 3D Stager Buffer Overflow Vulnerability (CNVD-2025-02125)
Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance 3D Stager that can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...
Unspecified Vulnerability in Adobe Substance 3D Stager (CNVD-2025-02124)
Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. A security vulnerability exists in Adobe Substance 3D Stager that can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...
Adobe Animate Numeric Error Vulnerability
Adobe Animate is a set of Flash animation software from the American company Audobee Adobe. A security vulnerability exists in Adobe Animate that can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...
dingfanzu SQL injection vulnerability (CNVD-2025-02106)
dingfanzu is a php based takeaway ordering website. A SQL injection vulnerability exists in dingfanzu v1.0, which stems from the application's lack of validation of externally entered SQL statements. A local attacker can exploit this vulnerability to execute arbitrary code via the contents of the...
Fortinet FortiDeceptor Cross-Site Scripting Vulnerability
Fortinet FortiDeceptor is a cyber threat detection platform from the American company Fiat Fortinet. The platform focuses on exposing cyber threats through deception techniques, among other things. Fortinet FortiDeceptor cross-site scripting vulnerability, the vulnerability stems from the...
WAVLINK AC3000 nas.cgi set_nas function command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the nas.cgi setnas function failing to correctly filter constructed command special characters, commands, and so on. An attack...
Microsoft Windows Kernel Log Message Disclosure Vulnerability (CNVD-2025-02837)
The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. A security vulnerability exists in Microsoft Windows Kernel Memory. An attacker could exploit the vulnerability to obtain sensitive information...
Unspecified Vulnerability in D-Link DIR-823X (CNVD-2025-02107)
The D-Link DIR-823X is a wireless router from China's AUO D-Link. A security vulnerability exists in the D-Link DIR-823X version 240126/240802 that stems from the presence of a null pointer dereference. No details of the vulnerability are provided at this time...
TOTOLINK X5000R week parameter command injection vulnerability in setWiFiScheduleCfg function
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "week" parameter in setWiFiScheduleCfg failing to correctly filter constructed command special characters,...
WAVLINK AC3000 internet.cgi en_enable parameter buffer overflow vulnerability in set_qos function
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505, which is caused by the enenable parameter of the internet.cgi setqos function failing to correctly validate the length of the input data, and can be...
WAVLINK AC3000 firewall.cgi iptablesWebsFilterRun Function Command Injection Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the firewall.cgi iptablesWebsFilterRun function failing to correctly filter constructor command special characters, commands,...
WAVLINK AC3000 adm.cgi set_wzap function buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505, which is caused by the adm.cgi setwzap function failing to correctly validate the length of the input data, and can be exploited by a remote attacker to...
WAVLINK AC3000 Information Disclosure Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an information disclosure vulnerability that can be exploited by an attacker to cause the disclosure of sensitive information via a specially crafted HTTP request...
Microsoft Windows Resource Management Error Vulnerability (CNVD-2025-02539)
Microsoft Windows is a set of operating systems for use on personal devices from the American company Microsoft. A security vulnerability exists in Microsoft Windows upnphost.dll. An attacker could exploit this vulnerability to cause a denial of service on the system...
Microsoft Windows Kernel Log Message Disclosure Vulnerability (CNVD-2025-02535)
The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. A security vulnerability exists in Microsoft Windows Kernel Memory. An attacker exploiting this vulnerability could gain access to sensitive information...
WAVLINK AC3000 Static Login Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a static login vulnerability that can be exploited by attackers to cause root access via specially crafted network packets...
TOTOLINK X5000R setScheduleCfg function week parameter command injection vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the failure of the "week" parameter in setScheduleCfg to correctly filter for constructed command special...
WAVLINK AC3000 External Configuration Control Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. An external configuration control vulnerability exists in the WAVLINK AC3000, which can be exploited by attackers to cause a privilege bypass...
WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-08327)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that stems from the nas.cgi removedir function failing to properly filter constructor command special characters, commands, etc. The vulnerability can be exploited to...
WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-08325)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the failure of the restartweekvalue parameter of the login.cgi setsysinit function to correctly filter constructed command special characters,...
Adobe Photoshop Uncontrolled Search Path Element Vulnerability
Adobe Photoshop is a set of image processing software from the American company Audobee Adobe. The software is mainly used for processing pictures. Adobe Photoshop suffers from an uncontrolled search path element vulnerability that can be exploited by an attacker to cause arbitrary code to be...
WAVLINK AC3000 Cross-Site Scripting Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A cross-site scripting vulnerability exists in the WAVLINK AC3000, which stems from the lack of effective filtering and escaping of user-supplied data in the login.cgi setlangCountryCode function, for which no detailed vulnerability...
Google Chrome Security Bypass Vulnerability (CNVD-2025-05089)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in versions of Google Chrome prior to 132.0.6834.83, which can be exploited by attackers to bypass security restrictions...
Microsoft AutoUpdate for Mac Elevation of Privilege Vulnerability (CNVD-2026-00045)
Microsoft AutoUpdate for Mac is a Microsoft product auto-update application for the Mac platform from Microsoft Corporation USA. Microsoft AutoUpdate for Mac suffers from an elevation of privilege vulnerability that is exploited by attackers to gain elevated privileges on the system...
Microsoft Windows Hyper-V NT Kernel Integration VSP Elevation of Privilege Vulnerability
Microsoft Windows Hyper-V is a tool from Microsoft USA that provides hardware virtualization. An elevation of privilege vulnerability exists in Microsoft Windows Hyper-V NT Kernel Integration VSP, which can be exploited by an attacker to gain elevated privileges on a system...
Microsoft Visual Studio Elevation of Privilege Vulnerability
Microsoft Visual Studio is a family of development tool suites from Microsoft, and a largely complete set of development tools that includes most of the tools needed throughout the software lifecycle. A security vulnerability exists in Microsoft Visual Studio. An attacker can exploit the...
Google Chrome Security Bypass Vulnerability (CNVD-2025-06037)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...
WAVLINK AC3000 adm.cgi rep_as_bridge function buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505, which is caused by the adm.cgi repasbridge function failing to correctly validate the length of the input data, and can be exploited by a remote attacker...
Microsoft Brokering File System Elevation of Privilege Vulnerability (CNVD-2025-02130)
Microsoft Brokering File System is a file system from the American company Microsoft. A security vulnerability exists in Microsoft Brokering File System. An attacker could exploit the vulnerability to elevate privileges...
TOTOLINK X5000R eMinute Parameter Command Injection Vulnerability in setWiFiScheduleCfg Function
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the "eMinute" parameter in setWiFiScheduleCfg failing to properly filter constructor special characters, commands, etc. The vulnerability can ...
WAVLINK AC3000 internet.cgi set_qos function buffer overflow vulnerability in cli_mac parameter
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the climac parameter of the internet.cgi setqos function that fails to correctly validate the length and size of the input...
WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-09263)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that arises from the wireless.cgi AddMac function failing to properly filter special characters, commands, etc. used to construct commands. An attacker can exploit this...
WAVLINK AC3000 Buffer Overflow Vulnerability (CNVD-2025-08333)
WAVLINK AC3000 is a wireless router from China RuiYin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability, which originates from the touchlistsync.cgi touchlistsync function that fails to properly validate the length of the input data, which can be exploited by an attacker to...
WAVLINK AC3000 internet.cgi set_add_routing function buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the internet.cgi setaddrouting function failing to correctly validate the length of the input data, and can be exploited by...
Microsoft Windows Kernel Log Message Disclosure Vulnerability
The Microsoft Windows Kernel is the kernel of the Windows operating system from the American company Microsoft. A security vulnerability exists in Microsoft Windows Kernel Memory. An attacker could exploit the vulnerability to obtain sensitive information...