Lucene search
+L

131179 matches found

CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Tenda O3 form/setDhcpConfig function function buffer overflow vulnerability

Tenda O3 is an outdoor wireless bridge from Tenda, China. Tenda O3 1.0.0.10 version of the buffer overflow vulnerability exists, the vulnerability stems from the file /goform/setDhcpConfig function SetValue/GetValue parameter dhcpEn fails to correctly validate the length of the input data size, t...

9CVSS8.3AI score0.00935EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•5 views

IBM Concert Software Information Disclosure Vulnerability (CNVD-2025-29673)

IBM Concert Software is a generative AI-driven automated application management and monitoring tool based on the watsonx platform from IBM. An information disclosure vulnerability exists in IBM Concert Software that stems from not properly clearing sensitive information before freeing heap memory...

6.2CVSS6.4AI score0.00114EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Tenda CH22 formwebExcptypemanFilter function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page in the file /goform/webExcptypemanFilter that fails to correctly validate the length of the input data, and can be exploited by an...

9.8CVSS8.4AI score0.00935EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•1 views

IBM Concert Software Log Entry Neutralization and Malpractice Vulnerability

IBM Concert Software is IBM's generative AI-driven automated application management and monitoring tool based on the WatsonX platform, focused on optimizing the operational efficiency and reliability of applications. IBM Concert Software has a log input neutralization improper vulnerability that...

5.3CVSS6.8AI score0.00216EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•5 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Cross-Site Request Forgery Vulnerabilities (CNVD-2025-29095)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 suffer from a cross-site request forgery vulnerability that is caused by imprope...

8.8CVSS6.7AI score0.00151EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•8 views

Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 Denial of Service Vulnerabilities (CNVD-2025-29082)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A denial of service vulnerability exists in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4, which is caused by an uncaught exceptio...

10CVSS6.5AI score0.00305EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Devolutions Server Unauthorized Access Vulnerability

Devolutions Server is a security solution for managing privileged accounts and sessions, designed to help organizations centrally store and manage sensitive information such as passwords and credentials. An unauthorized access vulnerability exists in Devolutions Server that stems from improper...

9CVSS6.3AI score0.00298EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•6 views

IBM OpenPages Cross-Site Scripting Vulnerability

IBM OpenPages is an AI-powered, highly scalable governance, risk and compliance GRC solution from International Business Machines IBM. A cross-site scripting vulnerability exists in IBM OpenPages version 9.1 and 9.0, which stems from the application's lack of effective filtering and escaping of...

5.4CVSS6.1AI score0.00162EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Tenda O3 Buffer Overflow Vulnerability (CNVD-2025-26876)

Tenda O3 is an outdoor wireless bridge from Tenda, China. The Tenda O3 suffers from a buffer overflow vulnerability that stems from the failure of the parameter enable of the SetValue/GetValue function in the file /goform/sysAutoReboot to correctly validate the length of the input data, which can...

9CVSS7.5AI score0.00725EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Curfew e-Pass Management System edit-category-detail.php file cross-site scripting vulnerability

Curfew e-Pass Management System is an electronic pass management system. Curfew e-Pass Management System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the parameter catname in the file...

4.8CVSS6.2AI score0.00237EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

IPFire BE_NAME Parameter Command Injection Vulnerability

IPFire is an open source Linux distribution from the IPFire organization that is primarily used as a router and firewall. A command injection vulnerability exists in the IPFire BENAME parameter, which stems from improper handling of the BENAME parameter when installing a blacklist, and can be...

8.8CVSS7.8AI score0.02296EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Client Details System welcome.php File Cross-Site Scripting Vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /welcome.php, which can be exploited by an attacker to execute arbitrary Web...

4.8CVSS6.1AI score0.00235EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•8 views

Unspecified Vulnerability in Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 (CNVD-2025-29093)

The Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 are both networked access controllers from Azure Access Technology, USA. A security vulnerability exists in the Azure Access Technology BLU-IC2 and Azure Access Technology BLU-IC4 that stems from a missing initial password...

10CVSS7AI score0.00312EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•6 views

Online Event Judging System add_contestant.php File SQL Injection Vulnerability

Online Event Judging System is an online event judging system. Online Event Judging System suffers from a SQL injection vulnerability that originates from the lack of validation of an externally-entered SQL statement in the parameter fullname in the file /addcontestant.php. An attacker can exploi...

8.8CVSS7.1AI score0.00299EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•6 views

Nero Social Networking Site acceptoffres.php File SQL Injection Vulnerability

Nero Social Networking Site is a social networking site. Nero Social Networking Site suffers from a SQL injection vulnerability that stems from a lack of validation of externally entered SQL statements in the parameter ID in the file /acceptoffres.php. An attacker can exploit this vulnerability t...

9.8CVSS7.9AI score0.00431EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•14 views

IPFire Cross-Site Scripting Vulnerability (CNVD-2025-27646)

IPFire is an open source Linux distribution from the IPFire organization, used primarily as a router and firewall. IPFire suffers from a cross-site scripting vulnerability that stems from insufficient cleaning and escaping of the pienumber parameter, which can be exploited by an attacker to injec...

5.4CVSS6.2AI score0.00453EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•5 views

Client Details System manage-users.php File Cross-Site Scripting Vulnerability

Client Details System is a client information system. Client Details System suffers from a cross-site scripting vulnerability that stems from the lack of effective filtering and escaping of user-supplied data in the file /admin/manage-users.php, which can be exploited by an attacker to execute...

4.8CVSS6.1AI score0.0026EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•5 views

FRRouting Denial of Service Vulnerability (CNVD-2026-10884)

FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting suffers from a denial of service vulnerability caused by NULL pointer dereferencing via the showvtyunknowntlv function on ospfext.c. An attacker could exploit this vulnerability to caus...

7.5CVSS5.8AI score0.00582EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•7 views

FRRouting Denial of Service Vulnerability

FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting has a denial of service vulnerability caused by a NULL pointer dereference via the showvtyextprefprefsid function on ospfext.c, which can be exploited by an attacker to cause a denial o...

7.5CVSS5.6AI score0.00582EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•8 views

FRRouting Denial of Service Vulnerability (CNVD-2026-10883)

FRRouting is FRRouting open source a network routing software suite running on a Unix-like platform . FRRouting suffers from a denial of service vulnerability caused by NULL pointer dereference via the showvtyextprefprefsid function on ospfext.c. An attacker could exploit this vulnerability to...

7.5CVSS5.8AI score0.00582EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•3 views

Apache Tomcat Resource Management Error Vulnerability (CNVD-2025-31393)

Apache Tomcat is the United States Apache Apache Foundation of a lightweight Web application server . Used to implement the Servlet and JavaServer Page JSP support. A resource management error vulnerability exists in Apache Tomcat that originates from improperly closing or freeing resources and c...

5.3CVSS7.5AI score0.01139EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•5 views

IBM QRadar SIEM Elevation of Privilege Vulnerability

IBM QRadar SIEM is a solution from International Business Machines IBM that utilizes security intelligence to protect assets and information from advanced threats. The solution provides oversight of the entire scope of the IT architecture, generates detailed reports on data access and user...

7.8CVSS6.7AI score0.00114EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Nero Social Networking Site deletemessage.php File SQL Injection Vulnerability

Nero Social Networking Site is a social networking site. Nero Social Networking Site suffers from a SQL injection vulnerability that originates from the lack of validation of externally entered SQL statements in the parameter messageid in the file /deletemessage.php. An attacker can exploit this...

9.8CVSS7.8AI score0.00431EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/31 12:0 a.m.•4 views

Tenda CH22 fromSafeClientFilter function buffer overflow vulnerability

Tenda CH22 is a network device from Tenda, China. Tenda CH22 version 1.0.0.1 suffers from a buffer overflow vulnerability, which originates from the parameter page of the function fromSafeClientFilter in the file /goform/SafeClientFilter fails to correctly validate the length of the input data, a...

9.8CVSS9.2AI score0.04578EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•5 views

Mozilla Firefox Code Execution Vulnerability (CNVD-2025-26889)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A code execution hole exists in Mozilla Firefox, which can be exploited by an attacker to execute arbitrary code on a system...

7.5CVSS8AI score0.00217EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

Mozilla Firefox Security Bypass Vulnerability (CNVD-2025-26888)

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. Mozilla Firefox suffers from a security bypass vulnerability caused by an integer overflow in the Graphics:Canvas2D component. An attacker could exploit this vulnerability to cause a sandbox escape...

8.6CVSS7AI score0.00252EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formSetWizardSelectMode function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formSetRoute function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.00486EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•1 views

D-Link DIR600L formSetPortTr Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. D-Link DIR600L suffers from a buffer overflow vulnerability, which originates from t...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formLogDnsquery Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.00439EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formAutoDetecWAN_wizard4 function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

D-Link DIR600L formSetWizard1 Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formSetQoS function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.00439EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

D-Link DIR600L formSetLog Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•5 views

D-Link DIR600L formEasySetTimezone function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•5 views

Mozilla Firefox for iOS Information Disclosure Vulnerability

Mozilla Firefox for iOS is a web browser designed for iOS devices by the US-based Mozilla Foundation. An information disclosure vulnerability exists in Mozilla Firefox for iOS, which is caused due to incorrect sharing of cookie storage for non-HTML temporary documents with normal browsing content...

4CVSS5.9AI score0.00112EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•8 views

D-Link DIR600L formSetEmail Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

D-Link DIR600L formSetWAN_Wizard52 Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

9.8CVSS8.1AI score0.00376EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

D-Link DIR600L formSetWAN_Wizard7 Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formSetDomainFilter Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formVirtualServ Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

D-Link DIR600L formDeviceReboot function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which is caused by...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•5 views

Google Chrome Heap Buffer Overflow Vulnerability

Google Chrome is a web browser developed by Google Inc. Google Chrome suffers from a heap buffer overflow vulnerability that stems from a heap buffer overflow issue in the WebGPU component. An attacker can exploit this vulnerability to execute arbitrary code on the system or cause denial of heap...

8.8CVSS6.5AI score0.00311EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

D-Link DIR600L formSchedule function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. A buffer overflow vulnerability exists in the D-Link DIR600L, which is caused by the...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•4 views

Google Chrome on Windows Media Module Improperly Implemented Vulnerability

Google Chrome on Windows is a web browser developed by Google Inc. that supports Windows 10 and later systems and provides a fast and secure web browsing experience. Google Chrome on Windows suffers from a Media module misimplementation vulnerability, which can be exploited by attackers to...

6.3CVSS6.8AI score0.00198EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•2 views

MediaWiki CookieConsent Extension Cross-Site Scripting Vulnerability

The MediaWiki CookieConsent Extension is an extension for the MediaWiki platform whose main function is to manage the site's cookie policy and user consent mechanisms. MediaWiki CookieConsent Extension suffers from a cross-site scripting vulnerability that stems from the application's lack of...

2.1CVSS6.1AI score0.00267EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formAdvFirewall Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which is caused by...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•2 views

D-Link DIR600L formWlSiteSurvey Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.0034EPSS
Exploits0References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•3 views

D-Link DIR600L formSetMACFilter function buffer overflow vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability, which originates fr...

7.5CVSS7.3AI score0.00382EPSS
Exploits1References1
CNVD
CNVD
•added 2025/10/30 12:0 a.m.•6 views

D-Link DIR600L formSetEnableWizard Function Buffer Overflow Vulnerability

D-Link DIR600L is a wireless router for home users, belonging to D-Link's "Cloud Router" series, with an external antenna design, supporting 802.11n standard, with a maximum wireless transmission rate of 150Mbps. The D-Link DIR600L suffers from a buffer overflow vulnerability that originates from...

9.8CVSS8.2AI score0.00376EPSS
Exploits0References1
Total number of security vulnerabilities131179