130931 matches found

CNVD • added 2025/10/31 12:00 a.m. • 4 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Information Disclosure Vulnerabilities (CNVD-2025-29150)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 have an information disclosure vulnerability that is caused by an error message...

CVSS 6.9 • AI score 6 • EPSS 0.00229 • Exploits 0 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

TOTOLINK A3300R setDdnsCfg function buffer overflow vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a buffer overflow vulnerability that originates from the failure of the function setDdnsCfg in the file...

CVSS 9.8 • AI score 9.1 • EPSS 0.00753 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

TOTOLINK A3300R lang parameter buffer overflow vulnerability

The TOTOLINK A3300R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK A3300R version 17.0.0cu.557B20221024, which originates from the parameter lang in the file /cgi-bin/cstecgi.cgi that fails to correctly validate the length of the...

CVSS 9 • AI score 9 • EPSS 0.00927 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

Client Details System manage-users.php File Cross-Site Scripting Vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /admin/manage-users.php, which can be exploited by an attacker to execute...

CVSS 4.8 • AI score 6.1 • EPSS 0.00262 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Online Event Judging System edit_contestant.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter contestantid in the file /editcontestant.php. An attacker can...

CVSS 8.8 • AI score 7.1 • EPSS 0.00396 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

Online Event Judging System add_contestant.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addcontestant.php. An attacker can exploi...

CVSS 8.8 • AI score 7.1 • EPSS 0.00299 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Tenda CH22 fromNatStaticSetting function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromNatStaticSetting in the file /goform/NatStaticSetting that fails to correctly validate the length of the input...

CVSS 9 • AI score 9.1 • EPSS 0.00745 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Simple Food Ordering System editproduct.php File Upload Vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System has a file upload vulnerability that stems from the lack of effective validation of files uploaded through the parameter photo in the file /editproduct.php. No details of the vulnerability are available at this time...

CVSS 9.8 • AI score 7.6 • EPSS 0.00479 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 4 views

Simple Food Ordering System editproduct.php file cross-site scripting vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameters pname, category, and price in the file /editproduct.php,...

CVSS 6.1 • AI score 4.6 • EPSS 0.00351 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 4 views

Tenda CH22 fromVirtualSer function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromVirtualSer in the file /goform/VirtualSer that fails to correctly validate the length of the input data, and can ...

CVSS 9.8 • AI score 8.4 • EPSS 0.00971 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 9 views

Tenda CH22 formaddressNat function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. The Tenda CH22 suffers from a buffer overflow vulnerability that originates from the parameter page in the file /goform/addressNat that fails to properly validate the length of the input data, which can be exploited by an attacker to execute...

CVSS 9.8 • AI score 9.2 • EPSS 0.00682 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 6 views

Tenda CH22 formRouteStatic function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. A buffer overflow vulnerability exists in Tenda CH22 version 1.0.0.1, which originates from the parameter page in the file /goform/RouteStatic that fails to correctly validate the length and size of the input data, and can be exploited by an...

CVSS 9.8 • AI score 9.2 • EPSS 0.00935 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Client Details System welcome.php File Cross-Site Scripting Vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /welcome.php, which can be exploited by an attacker to execute arbitrary Web...

CVSS 4.8 • AI score 6.1 • EPSS 0.00235 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

Simple Food Ordering System editcategory.php file cross-site scripting vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter pname in the file /editcategory.php, which can be exploit...

CVSS 6.1 • AI score 4.8 • EPSS 0.00351 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Simple Food Ordering System addcategory.php file cross-site scripting vulnerability

Simple Food Ordering System is a simple food ordering system. Simple Food Ordering System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter cname in the file /addcategory.php, which can be exploite...

CVSS 6.1 • AI score 4.8 • EPSS 0.00356 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

TOTOLINK A3300R setOpModeCfg function stack buffer overflow vulnerability

TOTOLINK A3300R is a dual-band wireless router manufactured by China's Gion Electronics TOTOLINK, mainly used for home and small network environments. The TOTOLINK A3300R suffers from a stack buffer overflow vulnerability that originates from the parameter opmode in the setOpModeCfg function in t...

CVSS 9 • AI score 9.1 • EPSS 0.0093 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Online Event Judging System edit_criteria.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter critid in the file /editcriteria.php. The vulnerability can be...

CVSS 8.8 • AI score 7.1 • EPSS 0.00304 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Client Details System Authorization Bypass Vulnerability

Client Details System is a client information system. An authorization bypass vulnerability exists in Client Details System that stems from an authorization bypass of an unknown function and can be exploited by an attacker to compromise confidentiality...

CVSS 8.1 • AI score 4.8 • EPSS 0.00436 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

Client Details System update-clients.php file cross-site scripting vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /update-clients.php, which can be exploited by an attacker to execute...

CVSS 5.4 • AI score 6.1 • EPSS 0.00225 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 4 views

Tenda CH22 fromP2pListFilter function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromP2pListFilter in the file /goform/P2pListFilter that fails to correctly validate the length of the input data, and can...

CVSS 9 • AI score 9.2 • EPSS 0.00646 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

Tenda CH22 formwebExcptypemanFilter function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page in the file /goform/webExcptypemanFilter that fails to correctly validate the length of the input data, and can be exploited by an...

CVSS 9.8 • AI score 8.4 • EPSS 0.00935 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 4 views

Tenda CH22 fromDhcpListClient function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromDhcpListClient in the file /goform/DhcpListClient that fails to correctly validate the length of the input data, which can be...

CVSS 9 • AI score 8.3 • EPSS 0.03176 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 2 views

Tenda CH22 fromSafeClientFilter function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromSafeClientFilter in the file /goform/SafeClientFilter that fails to correctly validate the length of the input data, a...

CVSS 9.8 • AI score 9.2 • EPSS 0.04578 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

Devolutions Server Improper Input Validation Vulnerability

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. Devolutions Server suffers from an improper input validation vulnerability that stems from...

CVSS 5.1 • AI score 6.5 • EPSS 0.00406 • Exploits 0 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

IPFire Cross-Site Scripting Vulnerability (CNVD-2025-27707)

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that can be exploited by attackers to inject arbitrary JavaScript code...

CVSS 5.4 • AI score 6.2 • EPSS 0.00403 • Exploits 0 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 5 views

FRRouting Denial of Service Vulnerability

FRRouting is an open source network routing software suite that runs on Unix-like platforms. FRRouting has a denial of service vulnerability caused by a NULL pointer dereference via the showvtyextprefprefsid function in ospfext.c, which can be exploited by an attacker to cause a denial o...

CVSS 7.5 • AI score 5.6 • EPSS 0.00528 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 5 views

FRRouting Denial of Service Vulnerability (CNVD-2026-10885)

FRRouting is an open source network routing software suite that runs on Unix-like platforms. FRRouting has a denial of service vulnerability caused by a NULL pointer dereference via the showvtyextlinklanadjsid function in ospfext.c, which can be exploited by an attacker to cause a denial o...

CVSS 7.5 • AI score 5.6 • EPSS 0.00528 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 5 views

FRRouting Denial of Service Vulnerability (CNVD-2026-10883)

FRRouting is an open source network routing software suite that runs on Unix-like platforms. FRRouting suffers from a denial of service vulnerability caused by a NULL pointer dereference via the showvtyextprefprefsid function in ospfext.c. An attacker could exploit this vulnerability to...

CVSS 7.5 • AI score 5.8 • EPSS 0.00528 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 4 views

FRRouting Denial of Service Vulnerability (CNVD-2026-10884)

FRRouting is an open source network routing software suite that runs on Unix-like platforms. FRRouting suffers from a denial of service vulnerability caused by a NULL pointer dereference via the showvtyunknowntlv function in ospfext.c. An attacker could exploit this vulnerability to caus...

CVSS 7.5 • AI score 5.8 • EPSS 0.00528 • Exploits 1 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

IBM Concert Software Information Disclosure Vulnerability (CNVD-2025-29673)

IBM Concert Software is a generative AI-driven automated application management and monitoring tool based on the watsonx platform from IBM. An information disclosure vulnerability exists in IBM Concert Software that stems from not properly clearing sensitive information before freeing heap memory...

CVSS 6.2 • AI score 6.4 • EPSS 0.00105 • Exploits 0 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 3 views

Dell Storage Manager Critical Function Missing Authentication Vulnerability

Dell Storage Manager is a centralized management tool for Dell storage products, used for daily management and monitoring of storage devices such as SC Series, PS Series, and others. Dell Storage Manager suffers from a Critical Function Missing Authentication vulnerability, no details of the...

CVSS 8.6 • AI score 6.9 • EPSS 0.00564 • Exploits 0 • References 1

CNVD • added 2025/10/31 12:00 a.m. • 1 view

Apache Tomcat Resource Management Error Vulnerability (CNVD-2025-31393)

Apache Tomcat is a lightweight web application server from the Apache Foundation in the United States, used to implement support for Servlet and JavaServer Page (JSP). A resource management error vulnerability exists in Apache Tomcat that originates from improperly closing or freeing resources and c...

CVSS 5.3 • AI score 7.5 • EPSS 0.01139 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formAdvFirewall Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which is caused by...

CVSS 7.5 • AI score 7.3 • EPSS 0.0034 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 4 views

D-Link DIR600L formDeviceReboot function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which is caused by...

CVSS 7.5 • AI score 7.3 • EPSS 0.0034 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formLanSetupRouterSettings Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 9.8 • AI score 8.1 • EPSS 0.00376 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 4 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2025-26889)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A code execution vulnerability exists in Mozilla Firefox, which can be exploited by an attacker to execute arbitrary code on a system...

CVSS 7.5 • AI score 8 • EPSS 0.00212 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

Google Chrome on Windows Media Module Improperly Implemented Vulnerability

Google Chrome on Windows is a web browser developed by Google Inc. that supports Windows 10 and later systems and provides a fast and secure web browsing experience. Google Chrome on Windows suffers from an improper implementation vulnerability in the Media module, which can be exploited by attackers to...

CVSS 6.3 • AI score 6.8 • EPSS 0.00178 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

Google Chrome Out-of-Bounds Read Vulnerability

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from an out-of-bounds read vulnerability that stems from an out-of-bounds read issue in the Media component. An attacker can exploit this vulnerability to perform out-of-bounds memory access via a carefully constructed...

CVSS 7.5 • AI score 6.7 • EPSS 0.00329 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formSetMACFilter function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 • AI score 7.3 • EPSS 0.00382 • Exploits 1 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formSchedule function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

CVSS 7.5 • AI score 7.3 • EPSS 0.0034 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 6 views

D-Link DIR600L formSetEnableWizard Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability that originates from...

CVSS 9.8 • AI score 8.2 • EPSS 0.00376 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 2 views

D-Link DIR600L formSetDomainFilter Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 • AI score 7.3 • EPSS 0.0034 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formSetWAN_Wizard52 Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 9.8 • AI score 8.1 • EPSS 0.00376 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formLogDnsquery Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 • AI score 7.3 • EPSS 0.00439 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 7 views

D-Link DIR600L formAdvNetwork Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 • AI score 7.3 • EPSS 0.00439 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formSetRoute function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 • AI score 7.3 • EPSS 0.00486 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 4 views

D-Link DIR600L formSetLog Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

CVSS 7.5 • AI score 7.3 • EPSS 0.0034 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formSetQoS function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 • AI score 7.3 • EPSS 0.00439 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 5 views

D-Link DIR600L formEasySetTimezone function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

CVSS 7.5 • AI score 7.3 • EPSS 0.0034 • Exploits 0 • References 1

CNVD • added 2025/10/30 12:00 a.m. • 3 views

D-Link DIR600L formSetWAN_Wizard7 Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

CVSS 7.5 • AI score 7.3 • EPSS 0.0034 • Exploits 0 • References 1

Total number of security vulnerabilities: 130931