130931 matches found
WAVLINK AC3000 nas.cgi disk_part parameter command injection vulnerability in the nas.cgi add_dir function
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the diskpart parameter of the nas.cgi adddir function failing to correctly filter the constructor command special characters,...
Microsoft Directx Resource Management Error Vulnerability
Microsoft Directx is a tool from Microsoft that is designed to fix Windows anomalies. This software repair tool automatically updates C++ components and fixes the 0xc000007b problem exception. A security vulnerability exists in Microsoft Directx. The vulnerability can be exploited by an attacker ...
WAVLINK AC3000 adm.cgi set_MeshAp function command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setMeshAp function to properly filter constructed command special characters, commands, etc. The...
WAVLINK AC3000 Buffer Overflow Vulnerability (CNVD-2025-08331)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability that originates in the qos.cgi qosstasettings function that fails to properly validate the length and size of input data, which can be exploited by an attacker to execute...
Google Chrome Buffer Overflow Vulnerability (CNVD-2025-05090)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code on the system or cause an application to crash...
WAVLINK AC3000 internet.cgi set_add_routing function netmask parameter command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the netmask parameter of the internet.cgi setaddrouting function failing to correctly filter constructed command special...
WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-09259)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's selopenprotocol parameter failing to correctly filter constructed command special...
WAVLINK AC3000 Buffer Overflow Vulnerability (CNVD-2025-09262)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability that originates from the wireless.cgi AddMac function failing to properly validate the length of input data, which can be exploited by an attacker to execute arbitrary co...
WAVLINK AC3000 Access Control Error Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an Access Control Error vulnerability that can be exploited by an attacker to cause an arbitrary firmware update via a specially crafted HTTP request...
Google Chrome Code Execution Vulnerability (CNVD-2025-05091)
Google Chrome is a web browser from Google, an American company. A code execution vulnerability exists in versions of Google Chrome prior to 132.0.6834.83, which can be exploited by an attacker to execute arbitrary code on a system...
WAVLINK AC3000 Buffer Overflow Vulnerability (CNVD-2025-08328)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability, which originates from the qosbandwidth parameter of the qos.cgi qossettings function that fails to properly validate the length of the input data, which can be exploited...
Google Chrome Code Execution Vulnerability (CNVD-2025-06038)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by an out-of-bounds read in Metrics. An attacker can exploit the vulnerability to execute arbitrary code on the system...
Adobe Illustrator Numeric Error Vulnerability
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A security vulnerability exists in Adobe Illustrator that can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...
WAVLINK AC3000 Path Traversal Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a path traversal vulnerability, which stems from the failure of the adddirname parameter of the nas.cgi adddir function to correctly filter special elements in the path of a resource or file. An attacke...
WAVLINK AC3000 internet.cgi custom_interface parameter command injection vulnerability in set_add_routing function
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the custominterface parameter of the internet.cgi setaddrouting function to correctly filter constructed comman...
Microsoft Message Queuing Resource Management Error Vulnerability (CNVD-2025-02834)
Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to cause a denial of service on the system...
Microsoft Windows BitLocker Information Disclosure Vulnerability (CNVD-2025-02534)
Microsoft Windows BitLocker is a Microsoft USA BitLocker ensures secure backup of recovery keys before activating the protection. A security vulnerability exists in Microsoft Windows BitLocker. An attacker could exploit the vulnerability to obtain sensitive information...
Adobe Illustrator Numeric Error Vulnerability
Adobe Illustrator is a set of vector-based image creation software from the American company Audobee Adobe. A security vulnerability exists in Adobe Illustrator that can be exploited by an attacker to cause arbitrary code to be executed in the current user's context...
WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-11442)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. An external configuration control vulnerability exists in the WAVLINK AC3000, which can be exploited by attackers to cause a privilege bypass...
WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-114444)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. An external configuration control vulnerability exists in the WAVLINK AC3000, which can be exploited by attackers to cause a privilege bypass...
Adobe Substance 3D Designer Out-of-Bounds Write Vulnerability (CNVD-2025-02092)
Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. Adobe Substance 3D Designer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
Unspecified vulnerability in Linux kernel (CNVD-2025-02111)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from an inaccessible ibsge list. No details of the vulnerability are provided at this time...
Unspecified Vulnerability in Microsoft BranchCache
Microsoft BranchCache is a Wide Area Network WAN bandwidth optimization technology from Microsoft that replicates content from headquarters or cloud content servers and caches the content at the branch office location so that client computers in the branch office can access the content locally. A...
Microsoft Message Queuing Denial of Service Vulnerability (CNVD-2025-02135)
Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to cause a denial of service...
Microsoft Message Queuing Code Issue Vulnerability
Microsoft Message Queuing is the solution for implementing asynchronous and synchronous scenarios that require high performance. A security vulnerability exists in Microsoft Message Queuing. An attacker could exploit this vulnerability to cause a denial of service...
WAVLINK AC3000 nas.cgi add_dir function's adddir_name parameter command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adddirname parameter of the nas.cgi adddir function to correctly filter construct command special character...
WAVLINK AC3000 External Configuration Control Vulnerability (CNVD-2025-09257)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that originates from the openvpn.cgi openvpnserversetup function's selopeninterface parameter failing to correctly filter constructed command special...
WAVLINK AC3000 Buffer Overflow Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a buffer overflow vulnerability that originates from the wireless.cgi setwifibasicmesh function failing to properly validate the length of the input data, which can be exploited by an attacker to execut...
Google Chrome Code Execution Vulnerability (CNVD-2025-06039)
Google Chrome is a web browser from Google, an American company. Google Chrome suffers from a code execution vulnerability that is caused by out-of-bounds memory access in V8. An attacker can exploit the vulnerability to execute arbitrary code on the system...
WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-08334)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that originates from the touchlistsync.cgi touchlistsync function failing to correctly filter constructed command special characters, commands, etc. An attacker could u...
WAVLINK AC3000 adm.cgi set_TR069 function buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505, which is caused by the adm.cgi setTR069 function failing to correctly validate the length of the input data, and can be exploited by a remote attacker to...
WAVLINK AC3000 adm.cgi set_ledonoff function command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setledonoff function to correctly filter constructed command special characters, commands, etc. The...
WAVLINK AC3000 External Configuration Control Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from an external configuration control vulnerability that stems from the openvpn.cgi openvpnclientsetup function failing to properly filter construct command special characters, commands, etc. The...
WAVLINK AC3000 nas.cgi set_smb_cfg function command injection vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the nas.cgi setsmbcfg function failing to correctly filter constructed command special characters, commands, etc. The...
WAVLINK AC3000 adm.cgi set_TR069 Function Command Injection Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the failure of the adm.cgi setTR069 function to correctly filter constructed command special characters, commands, etc. The...
Adobe Substance 3D Stager Stack Buffer Overflow Vulnerability
Adobe Substance 3D Stager is a virtual 3D studio from the American company Audobee Adobe. Adobe Substance 3D Stager suffers from a stack buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
WAVLINK AC3000 Command Execution Vulnerability (CNVD-2025-09260)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command execution vulnerability that originates from the updatefilterurl.sh function failing to properly filter construct command special characters, commands, etc. The vulnerability can be exploited ...
Adobe Substance 3D Designer Heap Buffer Overflow Vulnerability (CNVD-2025-02090)
Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. Adobe Substance 3D Designer suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
TOTOLINK X5000R setVpnAccountCfg function user parameter command injection vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. The TOTOLINK X5000R suffers from a command injection vulnerability that stems from the "user" parameter in setVpnAccountCfg failing to properly filter constructed command special characters, commands, etc. This vulnerability...
WAVLINK AC3000 Access Control Error Vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 is vulnerable to an access control error vulnerability that stems from a firmware update. No details of the vulnerability are available at this time...
Google Chrome Security Bypass Vulnerability (CNVD-2025-05088)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in versions of Google Chrome prior to 132.0.6834.83, which can be exploited by attackers to bypass security restrictions...
Adobe Substance 3D Designer Heap Buffer Overflow Vulnerability (CNVD-2025-02091)
Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. Adobe Substance 3D Designer suffers from a heap buffer overflow vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
WAVLINK AC3000 adm.cgi set_wzdgw4G function buffer overflow vulnerability
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A buffer overflow vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which originates from the adm.cgi setwzdgw4G function failing to correctly validate the length of the input data, and can be exploited by a remot...
WAVLINK AC3000 login.cgi restart_min_value parameter command injection vulnerability in set_sys_init function
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. A command injection vulnerability exists in the WAVLINK AC3000 M33A8.V5030.210505 version, which stems from the restartminvalue parameter of the login.cgi setsysinit function failing to correctly filter the constructor command special...
Google Chrome Security Bypass Vulnerability (CNVD-2025-06040)
Google Chrome is a web browser from Google, an American company. A security bypass vulnerability exists in Google Chrome, which can be exploited by attackers to bypass security restrictions...
Unspecified vulnerability in Linux kernel (CNVD-2025-02110)
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a memory leak in the tcpconnrequest function. No details of the vulnerability are provided at this time...
D-Link DIR-878 Information Disclosure Vulnerability
The D-Link DIR-878 is a wireless router from China's AUO D-Link. An information disclosure vulnerability exists in the D-Link DIR-878 version 1.03, which stems from insufficient protection of sensitive information in the component HTTP POST request handler, and can be exploited by an attacker to...
Adobe Substance 3D Designer Out-of-Bounds Write Vulnerability (CNVD-2025-02093)
Adobe Substance 3D Designer is a 3D design software from the American company Audobee Adobe. Adobe Substance 3D Designer suffers from an out-of-bounds write vulnerability that can be exploited by an attacker to execute arbitrary code in the context of the current user...
TOTOLINK X5000R setScheduleCfg function's hour parameter command injection vulnerability
The TOTOLINK X5000R is a router from China's Gion Electronics TOTOLINK. A command injection vulnerability exists in the TOTOLINK X5000R version V9.1.0cu.2350B20230313, which stems from the "hour" parameter in setScheduleCfg failing to correctly filter constructed command special characters,...
WAVLINK AC3000 Command Injection Vulnerability (CNVD-2025-08332)
WAVLINK AC3000 is a wireless router from China Ruiyin WAVLINK. The WAVLINK AC3000 suffers from a command injection vulnerability that stems from the qos.cgi qossta function failing to properly filter construct command special characters, commands, etc. The vulnerability can be exploited to execut...