| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection vulnerability via the "minute" parameters in setScheduleCfg. |
| A flaw was found in pgAdmin. This issue occurs when the pgAdmin server HTTP API validates the path a user selects to external PostgreSQL utilities such as pg_dump and pg_restore. Versions of pgAdmin prior to 7.6 failed to properly control the server code executed on this API, allowing an authenticated user to run arbitrary commands on the server. |
| Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable to command injection in operating_mode.cgi via the ap_mode parameter. |
| An issue was discovered in Samsung Mobile Processor Exynos 980, Exynos 850, Exynos 1280, Exynos 1380, and Exynos 1330. In the function slsi_rx_range_done_ind(), there is no input validation check on rtt_id coming from userspace, which can lead to a heap overwrite. |
| Tenda AC8V4 V16.03.34.06 was discovered to contain a stack overflow via the shareSpeed parameter in the sub_49E098 function. |
| cute_png v1.05 was discovered to contain a heap buffer overflow via the cp_make32() function at cute_png.h. |
| A vulnerability was found in Tenda AC8V4 V16.03.34.06. Affected is the function SUB_0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk_crypto leads to stack-based buffer overflow. |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedStartTime leads to stack-based buffer overflow. |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability in the fromAdvSetMacMtuWan function. |
| Tenda AC8v4 V16.03.34.06 has a stack overflow vulnerability. Affected by this vulnerability is the function setSchedWifi of the file /goform/openSchedWifi. The manipulation of the argument schedEndTime leads to stack-based buffer overflow. |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. |
| Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. |
| Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote attackers to execute arbitrary code. |
| D-Link DI-8100 v16.07.26A1 has a stack overflow vulnerability in the dbsrv_asp function. |
| Out-of-bounds write vulnerability in the emcom module
Impact: Successful exploitation of this vulnerability may cause features to perform abnormally. |
| In setMimeGroup of PackageManagerService.java, there is a possible way to hide the service from Settings due to a logic error in the code. This could lead to local escalation of privilege with User execution privileges needed. User interaction is needed for exploitation. |
| A vulnerability was found in the libtiff library. This flaw causes a heap buffer overflow issue via the TIFFTAG_INKNAMES and TIFFTAG_NUMBEROFINKS values. |
| An issue was discovered in GPAC 0.7.1. There is a heap-based buffer overflow in the function ReadGF_IPMPX_RemoveToolNotificationListener in odf/ipmpx_code.c in libgpac.a, as demonstrated by MP4Box. |
| A buffer overflow vulnerability in image_render_color_thresh() in base/gxicolor.c of Artifex Software GhostScript v9.18 to v9.50 allows a remote attacker to escalate privileges via a crafted eps file. This is fixed in v9.51. |