🚨 CVE-2025-12198
A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Heap Buffer Overflow in dnsmasq v2.73rc6 — parse_hex() overflow when parsing DHCP option hex
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12199
A vulnerability was found in dnsmasq up to 2.73rc6. Affected by this vulnerability is the function check_servers of the file src/network.c of the component Config File Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was found in dnsmasq up to 2.73rc6. Affected by this vulnerability is the function check_servers of the file src/network.c of the component Config File Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Null Pointer Dereference in dnsmasq v2.73rc6 — crash in check_servers() when formatting domain log m
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12200
A vulnerability was determined in dnsmasq up to 2.73rc6. Affected by this issue is the function parse_dhcp_opt of the file src/option.c of the component Config File Handler. This manipulation of the argument m causes null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was determined in dnsmasq up to 2.73rc6. Affected by this issue is the function parse_dhcp_opt of the file src/option.c of the component Config File Handler. This manipulation of the argument m causes null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Null Pointer Write (SEGV) in dnsmasq v2.73rc6 — parse_dhcp_opt() sets m[0] on a NULL buffer
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12204
A security vulnerability has been detected in Kamailio 5.5. Impacted is the function rve_destroy of the file src/core/rvalue.c of the component Configuration File Handler. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A security vulnerability has been detected in Kamailio 5.5. Impacted is the function rve_destroy of the file src/core/rvalue.c of the component Configuration File Handler. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Heap-buffer-overflow in Kamailio v5.5 — crash in rve_destroy() when freeing module function paramete
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12205
A vulnerability was detected in Kamailio 5.5. The affected element is the function sr_push_yy_state of the file src/core/cfg.lex of the component Configuration File Handler. The manipulation results in use after free. The attack must be initiated from a local position. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was detected in Kamailio 5.5. The affected element is the function sr_push_yy_state of the file src/core/cfg.lex of the component Configuration File Handler. The manipulation results in use after free. The attack must be initiated from a local position. The exploit is now public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Heap Use-After-Free in Kamailio v5.5 — use-after-free in config include handling sr_push_yy_state
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12206
A flaw has been found in Kamailio 5.5. The impacted element is the function rve_is_constant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A flaw has been found in Kamailio 5.5. The impacted element is the function rve_is_constant of the file src/core/rvalue.c. This manipulation causes null pointer dereference. The attack needs to be launched locally. The exploit has been published and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
NULL pointer dereference in Kamailio v5.5—crash in rve_is_constant() during config parsing exp_elem
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-11647
A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is needed for the attack. The exploitability is assessed as difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A flaw has been found in Tomofun Furbo 360 and Furbo Mini. This issue affects some unknown processing of the component GATT Service. This manipulation of the argument DeviceToken causes information disclosure. The attack is only possible within the local network. A high degree of complexity is needed for the attack. The exploitability is assessed as difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
GitHub
Furbo-Advisories/Information-Disclosure-DeviceToken.md at main · dead1nfluence/Furbo-Advisories
Contribute to dead1nfluence/Furbo-Advisories development by creating an account on GitHub.
🚨 CVE-2025-11648
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TF_FQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is considered difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability has been found in Tomofun Furbo 360 and Furbo Mini. Impacted is an unknown function of the file TF_FQDN.json of the component GATT Interface URL Handler. Such manipulation leads to server-side request forgery. The attack may be performed from remote. Attacks of this nature are highly complex. The exploitability is considered difficult. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
GitHub
Furbo-Advisories/SSRF-via-BLE.md at main · dead1nfluence/Furbo-Advisories
Contribute to dead1nfluence/Furbo-Advisories development by creating an account on GitHub.
🚨 CVE-2025-11649
A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Root Account Handler. Performing manipulation results in use of hard-coded password. The attack must be initiated from a local position. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been made public and could be used. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was found in Tomofun Furbo 360 and Furbo Mini. The affected element is an unknown function of the component Root Account Handler. Performing manipulation results in use of hard-coded password. The attack must be initiated from a local position. The attack is considered to have high complexity. The exploitability is described as difficult. The exploit has been made public and could be used. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
GitHub
Furbo-Advisories/Hardcoded-Password.md at main · dead1nfluence/Furbo-Advisories
Contribute to dead1nfluence/Furbo-Advisories development by creating an account on GitHub.
🚨 CVE-2025-11650
A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. Executing manipulation can lead to use of weak hash. The physical device can be targeted for the attack. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was determined in Tomofun Furbo 360 and Furbo Mini. The impacted element is an unknown function of the file /etc/shadow of the component Password Handler. Executing manipulation can lead to use of weak hash. The physical device can be targeted for the attack. The attack requires a high level of complexity. The exploitability is regarded as difficult. The exploit has been publicly disclosed and may be utilized. The firmware versions determined to be affected are Furbo 360 up to FB0035_FW_036 and Furbo Mini up to MC0020_FW_074. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
GitHub
Furbo-Advisories/Insecure-Encryption-Algorithm.md at main · dead1nfluence/Furbo-Advisories
Contribute to dead1nfluence/Furbo-Advisories development by creating an account on GitHub.
🚨 CVE-2025-12198
A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability has been found in dnsmasq up to 2.73rc6. Affected is the function parse_hex of the file src/util.c of the component Config File Handler. The manipulation of the argument i leads to heap-based buffer overflow. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Heap Buffer Overflow in dnsmasq v2.73rc6 — parse_hex() overflow when parsing DHCP option hex
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12199
A vulnerability was found in dnsmasq up to 2.73rc6. Affected by this vulnerability is the function check_servers of the file src/network.c of the component Config File Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was found in dnsmasq up to 2.73rc6. Affected by this vulnerability is the function check_servers of the file src/network.c of the component Config File Handler. The manipulation results in null pointer dereference. The attack needs to be approached locally. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Null Pointer Dereference in dnsmasq v2.73rc6 — crash in check_servers() when formatting domain log m
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12200
A vulnerability was determined in dnsmasq up to 2.73rc6. Affected by this issue is the function parse_dhcp_opt of the file src/option.c of the component Config File Handler. This manipulation of the argument m causes null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
A vulnerability was determined in dnsmasq up to 2.73rc6. Affected by this issue is the function parse_dhcp_opt of the file src/option.c of the component Config File Handler. This manipulation of the argument m causes null pointer dereference. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way.
🎖@cveNotify
shimo.im
Null Pointer Write (SEGV) in dnsmasq v2.73rc6 — parse_dhcp_opt() sets m[0] on a NULL buffer
石墨文档是一款轻便、简洁的在线协作文档工具,PC端和移动端全覆盖,支持多人同时对文档编辑和评论,让你与他人轻松完成协作撰稿、方案讨论、会议记录和资料共享等工作。
🚨 CVE-2025-12212
A weakness has been identified in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
🎖@cveNotify
A weakness has been identified in Tenda O3 1.0.0.10(2478). This affects the function SetValue/GetValue of the file /goform/setNetworkService. This manipulation of the argument upnpEn causes stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made available to the public and could be exploited.
🎖@cveNotify
GitHub
IoT-vulnerable/Tenda/O3v2.0/setNetworkService.md at main · noahze01/IoT-vulnerable
Contribute to noahze01/IoT-vulnerable development by creating an account on GitHub.
🚨 CVE-2025-12213
A security vulnerability has been detected in Tenda O3 1.0.0.10(2478). This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
A security vulnerability has been detected in Tenda O3 1.0.0.10(2478). This vulnerability affects the function SetValue/GetValue of the file /goform/setVlanConfig. Such manipulation of the argument lan leads to stack-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed publicly and may be used.
🎖@cveNotify
GitHub
IoT-vulnerable/Tenda/O3v2.0/setVlanConfig.md at main · noahze01/IoT-vulnerable
Contribute to noahze01/IoT-vulnerable development by creating an account on GitHub.
🚨 CVE-2025-12214
A vulnerability was detected in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
🎖@cveNotify
A vulnerability was detected in Tenda O3 1.0.0.10(2478). This issue affects the function SetValue/GetValue of the file /goform/sysAutoReboot. Performing manipulation of the argument enable results in stack-based buffer overflow. The attack may be initiated remotely. The exploit is now public and may be used.
🎖@cveNotify
GitHub
IoT-vulnerable/Tenda/O3v2.0/sysAutoReboot.md at main · noahze01/IoT-vulnerable
Contribute to noahze01/IoT-vulnerable development by creating an account on GitHub.
🚨 CVE-2025-12215
A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
🎖@cveNotify
A flaw has been found in projectworlds Online Shopping System 1.0. Impacted is an unknown function of the file /login_submit.php. Executing manipulation of the argument keywords can lead to sql injection. The attack may be launched remotely. The exploit has been published and may be used.
🎖@cveNotify
GitHub
Projectworlds Online Shopping System Project V1.0 /login_submit.php SQL injection · Issue #1 · juzidddd/SQL-Injection-Vulnerability…
NAME OF AFFECTED PRODUCT(S) • Online Shopping System Vendor Homepage • https://projectworlds.com/free-projects/php-projects/free-download-online-shopping-system/ AFFECTED AND/OR FIXED VERSION(S) su...
🚨 CVE-2025-12225
A vulnerability has been found in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
A vulnerability has been found in Tenda AC6 15.03.06.50. This issue affects some unknown processing of the file /goform/WifiGuestSet of the component HTTP Request Handler. Such manipulation of the argument shareSpeed leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
🎖@cveNotify
GitHub
BinaryAudit/PoC/BOF/Tenda/WifiGuestSet/WifiGuestSet.md at main · z472421519/BinaryAudit
Contribute to z472421519/BinaryAudit development by creating an account on GitHub.
🚨 CVE-2025-12226
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
🎖@cveNotify
A vulnerability was found in SourceCodester Best House Rental Management System 1.0. Impacted is the function save_house of the file /admin_class.php. Performing manipulation of the argument house_no results in sql injection. Remote exploitation of the attack is possible. The exploit has been made public and could be used.
🎖@cveNotify
GitHub
vul/report.md at main · zhang947/vul
Contribute to zhang947/vul development by creating an account on GitHub.
🚨 CVE-2025-12227
A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
🎖@cveNotify
A vulnerability was determined in projectworlds Gate Pass Management System 1.0. The affected element is an unknown function of the file /add-pass.php. Executing manipulation can lead to cross site scripting. The attack can be executed remotely. The exploit has been publicly disclosed and may be utilized.
🎖@cveNotify
GitHub
[Open Source Project]"Gate Pass Management System PHP MySQL" Project V1.0 Critical Persistent Cross-Site Scripting (XSS) in add…
NAME OF AFFECTED PRODUCT(S) Gate Pass Management System PHP MySQL Vendor Homepage https://projectworlds.com/gate-pass-management-system-in-php-mysql-with-source-code/ AFFECTED AND/OR FIXED VERSION(...
🚨 CVE-2025-12228
A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
🎖@cveNotify
A vulnerability was identified in projectworlds Expense Management System 1.0. The impacted element is an unknown function of the file /public/admin/users/create of the component Users Page. The manipulation leads to cross site scripting. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
🎖@cveNotify
GitHub
[Open Source Project]"Expense Management System in php free download" Project V1.0 Critical Persistent Cross-Site Scripting (XSS)…
NAME OF AFFECTED PRODUCT(S) Expense Management System in php free download Vendor Homepage https://projectworlds.com/free-projects/php-projects/expense-management-system-in-php-free-download/ AFFEC...