131179 matches found
Tenda O3 form/setDhcpConfig function function buffer overflow vulnerability
Tenda O3 is an outdoor wireless bridge from Tenda, China. Tenda O3 1.0.0.10 version of the buffer overflow vulnerability exists, the vulnerability stems from the file /goform/setDhcpConfig function SetValue/GetValue parameter dhcpEn fails to correctly validate the length of the input data size, t...
IBM Concert Software Information Disclosure Vulnerability (CNVD-2025-29673)
IBM Concert Software is a generative AI-driven automated application management and monitoring tool based on the watsonx platform from IBM. An information disclosure vulnerability exists in IBM Concert Software that stems from not properly clearing sensitive information before freeing heap memory...
Tenda CH22 formwebExcptypemanFilter function buffer overflow vulnerability
Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page in the file /goform/webExcptypemanFilter that fails to correctly validate the length of the input data, and can be exploited by an...
IBM Concert Software Log Entry Neutralization and Malpractice Vulnerability
IBM Concert Software is IBM's generative AI-driven automated application management and monitoring tool based on the WatsonX platform, focused on optimizing the operational efficiency and reliability of applications. IBM Concert Software has a log input neutralization improper vulnerability that...
Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Cross-Site Request Forgery Vulnerabilities (CNVD-2025-29095)
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 suffer from a cross-site request forgery vulnerability that is caused by imprope...
Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Denial of Service Vulnerabilities (CNVD-2025-29082)
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A denial of service vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which is caused by an uncaught exceptio...
Devolutions Server Unauthorized Access Vulnerability
Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unauthorized access vulnerability exists in Devolutions Server that stems from improper...
IBM OpenPages Cross-Site Scripting Vulnerability
IBM OpenPages is an AI-powered, highly scalable governance, risk and compliance GRC solution from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM OpenPages version 9.1 and 9.0, which stems from the application's lack of effective filtering and escaping of...
Tenda O3 Buffer Overflow Vulnerability (CNVD-2025-26876)
Tenda O3 is an outdoor wireless bridge from Tenda, China. The Tenda O3 suffers from a buffer overflow vulnerability that stems from the failure of the parameter enable of the SetValue/GetValue function in the file /goform/sysAutoReboot to correctly validate the length of the input data, which can...
Curfew e-Pass Management System edit-category-detail.php file cross-site scripting vulnerability
Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter catname in the file...
IPFire BE_NAME Parameter Command Injection Vulnerability
IPFire is an open source Linux distribution from the IPFire organization that is primarily used as a router and firewall. A command injection vulnerability exists in the IPFire BENAME parameter, which stems from improper handling of the BENAME parameter when installing a blacklist, and can be...
Client Details System welcome.php File Cross-Site Scripting Vulnerability
Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /welcome.php, which can be exploited by an attacker to execute arbitrary Web...
Unspecified Vulnerability in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29093)
The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from a missing initial password...
Online Event Judging System add_contestant.php File SQL Injection Vulnerability
Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addcontestant.php. An attacker can exploi...
Nero Social Networking Site acceptoffres.php File SQL Injection Vulnerability
Nero Social Networking Site is a social networking site. Nero Social Networking Site suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID in the file /acceptoffres.php. An attacker can exploit this vulnerability t...
IPFire Cross-Site Scripting Vulnerability (CNVD-2025-27646)
IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that stems from insufficient cleaning and escaping of the pienumber parameter, which can be exploited by an attacker to injec...
Client Details System manage-users.php File Cross-Site Scripting Vulnerability
Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /admin/manage-users.php, which can be exploited by an attacker to execute...
FRRouting Denial of Service Vulnerability (CNVD-2026-10884)
FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting suffers from a denial of service vulnerability caused by NULL pointer dereferencing via the showvtyunknowntlv function on ospfext.c. An attacker could exploit this vulnerability to caus...
FRRouting Denial of Service Vulnerability
FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting has a denial of service vulnerability caused by a NULL pointer dereference via the showvtyextprefprefsid function on ospfext.c, which can be exploited by an attacker to cause a denial o...
FRRouting Denial of Service Vulnerability (CNVD-2026-10883)
FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting suffers from a denial of service vulnerability caused by NULL pointer dereference via the showvtyextprefprefsid function on ospfext.c. An attacker could exploit this vulnerability to...
Apache Tomcat Resource Management Error Vulnerability (CNVD-2025-31393)
Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server . Used to implement the Servlet and JavaServer Page JSP support. A resource management error vulnerability exists in Apache Tomcat that originates from improperly closing or freeing resources and c...
IBM QRadar SIEM Elevation of Privilege Vulnerability
IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...
Nero Social Networking Site deletemessage.php File SQL Injection Vulnerability
Nero Social Networking Site is a social networking site. Nero Social Networking Site suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter messageid in the file /deletemessage.php. An attacker can exploit this...
Tenda CH22 fromSafeClientFilter function buffer overflow vulnerability
Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromSafeClientFilter in the file /goform/SafeClientFilter fails to correctly validate the length of the input data, a...
Mozilla Firefox Code Execution Vulnerability (CNVD-2025-26889)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A code execution hole exists in Mozilla Firefox, which can be exploited by an attacker to execute arbitrary code on a system...
Mozilla Firefox Security Bypass Vulnerability (CNVD-2025-26888)
Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security bypass vulnerability caused by an integer overflow in the Graphics:Canvas2D component. An attacker could exploit this vulnerability to cause a sandbox escape...
D-Link DIR600L formSetWizardSelectMode function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetRoute function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetPortTr Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. D-Link DIR600L suffers from a buffer overflow vulnerability, which originates from t...
D-Link DIR600L formLogDnsquery Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formAutoDetecWAN_wizard4 function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetWizard1 Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetQoS function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetLog Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...
D-Link DIR600L formEasySetTimezone function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...
Mozilla Firefox for iOS Information Disclosure Vulnerability
Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. An information disclosure vulnerability exists in Mozilla Firefox for iOS, which is caused due to incorrect sharing of cookie storage for non-HTML temporary documents with normal browsing content...
D-Link DIR600L formSetEmail Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...
D-Link DIR600L formSetWAN_Wizard52 Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetWAN_Wizard7 Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetDomainFilter Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formVirtualServ Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formDeviceReboot function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which is caused by...
Google Chrome Heap Buffer Overflow Vulnerability
Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a heap buffer overflow vulnerability that stems from a heap buffer overflow issue in the WebGPU component. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause denial of heap...
D-Link DIR600L formSchedule function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...
Google Chrome on Windows Media Module Improperly Implemented Vulnerability
Google Chrome on Windows is a web browser developed by Google Inc. that supports Windows 10 and later systems and provides a fast and secure web browsing experience. Google Chrome on Windows suffers from a Media module misimplementation vulnerability, which can be exploited by attackers to...
MediaWiki CookieConsent Extension Cross-Site Scripting Vulnerability
The MediaWiki CookieConsent Extension is an extension for the MediaWiki platform whose main function is to manage the site's cookie policy and user consent mechanisms. MediaWiki CookieConsent Extension suffers from a cross-site scripting vulnerability that stems from the application's lack of...
D-Link DIR600L formAdvFirewall Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which is caused by...
D-Link DIR600L formWlSiteSurvey Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetMACFilter function buffer overflow vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...
D-Link DIR600L formSetEnableWizard Function Buffer Overflow Vulnerability
D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability that originates from...