CVE Vulnerabilities

A cleverly devised username might bypass LDAP authentication checks. In LDAP-authenticated Derby installations, this could let an attacker fill up the disk by creating junk Derby databases. In LDAP-...

Buffer Overflow vulnerability in Tenda Ac19 v.1.0, AC18, AC9 v.1.0, AC6 v.2.0 and v.1.0 allows a remote attacker to execute arbitrary code via the formSetCfm function in bin/httpd.

In the module "Chronopost Official" (chronopost) for PrestaShop, a guest can perform SQL injection. The script PHP `cancelSkybill.php` own a sensitive SQL calls that can be executed with a trivial htt...

scheme/webauthn.c in Glewlwyd SSO server before 2.7.6 has a possible buffer overflow during FIDO2 credentials validation in webauthn registration.

Tenda AC10 version US_AC10V4.0si_V16.03.10.13_cn was discovered to contain a stack overflow via the firewallEn parameter in the function SetFirewallCfg.

Remote code execution

In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields from the front-end through Uci_ Set_ The Str function when passed to the CsteSystem function creates a co...

A buffer overflow in the the Sangoma IMG2020 HTTP server through 2.3.9.6 allows an unauthenticated user to achieve remote code execution.

D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via the service parameter at hedwig.cgi.

FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the theauthName parameter in the web_aaa_loginAuthlistEdit function.

The Motors theme for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 5.6.67. This is due to the theme not properly validating a user's identi...

In PMRChangeSparseMemOSMem of physmem_osmem_linux.c, there is a possible arbitrary code execution due to a use after free. This could lead to local escalation of privilege in the kernel with no additi...

An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to gain escalated privileges on the device via poor credential management.

Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the 'list' parameter at /goform/SetNetControlList.

NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.

Deserialization of Untrusted Data vulnerability in themegusta Smart Sections Theme Builder - WPBakery Page Builder Addon.This issue affects Smart Sections Theme Builder - WPBakery Page Builder Addon: ...

Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function formAdvancedSetListSet.

Deserialization of Untrusted Data vulnerability in QuantumCloud WPBot Pro Wordpress Chatbot allows Object Injection.This issue affects WPBot Pro Wordpress Chatbot: from n/a through 12.7.0.

Heap Buffer Overflow vulnerability in GPAC version 2.3-DEV-rev617-g671976fcc-master, allows attackers to execute arbitrary code and cause a denial of service (DoS) via str2ulong class in src/media_too...

U-Boot vulnerability resulting in persistent Code Execution 

The SMS Alert Order Notifications – WooCommerce plugin for WordPress is vulnerable to privilege escalation via account takeover in all versions up to, and including, 3.7.9. This is due to the plugin u...

TOTOLink A7000R V9.1.0u.6115_B20201022 has a stack overflow vulnerability via setOpModeCfg.

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification. As OPKSSH depends on the OpenPubkey library for aut...

Versions of OpenPubkey library prior to 0.10.0 contained a vulnerability that would allow a specially crafted JWS to bypass signature verification.

In modem, there is a possible out of bounds write due to improper input invalidation. This could lead to remote denial of service with no additional execution privileges needed. User interaction is no...

An issue in FoxCMS v.1.2.5 allows a remote attacker to execute arbitrary code via the case display page in the index.html component.

The affiliate-toolkit WordPress plugin before 3.4.3 lacks authorization and authentication for requests to it's affiliate-toolkit-starter/tools/atkp_imagereceiver.php endpoint, allowing unauthenticate...

An arbitrary file upload vulnerability in the component /views/plugin.php of emlog pro v2.5.7 allows attackers to execute arbitrary code via uploading a crafted PHP file.

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an unauthorized attacker to elevate privileges over a network.

VisiCut 2.1 allows code execution via Insecure XML Deserialization in the loadPlfFile method of VisicutModel.java.

A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3 allows a remote unauthenticated attacker to execute arbitrary commands

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings function. allows remote attackers to execute arbitrary commands via shell.

An issue in Docmosis Tornado v.2.9.7 and before allows a remote attacker to execute arbitrary code via a crafted script to the UNC path input

D-Link DIR-822+ V1.0.2 contains a login bypass in the HNAP1 interface, which allows attackers to log in to administrator accounts with empty passwords.

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the hostName parameter in the setWanCfg function.

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the username parameter in the setDdnsCfg function.

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection vulnerability via the ip parameter in the setDmzCfg function.

Unauthenticated SQL injection vulnerability in Uniguest Tripleplay version 23.1+ allows remote attackers to execute arbitrary SQL queries on the backend database.

Buffer Overflow vulnerability in Vigor2620/LTE200 3.9.8.9 and earlier and Vigor2860/2925 3.9.8 and earlier and Vigor2862/2926 3.9.9.5 and earlier and Vigor2133/2762/2832 3.9.9 and earlier and Vigor165...

The ARForms - Premium WordPress Form Builder Plugin WordPress plugin before 6.6 allows unauthenticated users to modify uploaded files in such a way that PHP code can be uploaded when an upload file in...

Vigor165/166 4.2.7 and earlier; Vigor2620/LTE200 3.9.8.9 and earlier; Vigor2860/2925 3.9.8 and earlier; Vigor2862/2926 3.9.9.5 and earlier; Vigor2133/2762/2832 3.9.9 and earlier; Vigor2135/2765/2766 4...

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the macstr parameter in the formMapDelDevice interface.

A spoofing attack in ujcms v.8.0.2 allows a remote attacker to obtain sensitive information and execute arbitrary code via a crafted script to the X-Forwarded-For function in the header.

In Gentoo Portage before 3.0.47, there is missing PGP validation of executed code: the standalone emerge-webrsync downloads a .gpgsig file but does not perform signature verification. Unless emerge-we...

naga v0.14.0 was discovered to contain a stack overflow via the component /wgsl/parse/mod.rs.

DataEase is an open source business intelligence and data visualization tool. Versions prior to version 2.10.10 have a flaw in the patch for CVE-2025-32966 that allow the patch to be bypassed through ...

An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 ...

SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via sub_event_id parameter in sub_event_stat...

An issue in MaysWind ezBookkeeping 0.7.0 allows a remote attacker to escalate privileges via the token component.

SQL Injection vulnerability in oretnom23 Judging Management System v1.0, allows remote attackers to execute arbitrary code and obtain sensitive information via txtsearch parameter in review_search.php...