๐จ CVE-2025-14654
A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
๐@cveNotify
A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffer overflow. The attack can be executed remotely. The exploit is publicly available and might be used.
๐@cveNotify
GitHub
MY_VULN_2/Tenda/VULN12/AC20_SetPptpUserList.md at main ยท Madgeaaaaa/MY_VULN_2
Contribute to Madgeaaaaa/MY_VULN_2 development by creating an account on GitHub.
๐จ CVE-2025-14655
A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing manipulation of the argument rebootTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.
๐@cveNotify
A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing manipulation of the argument rebootTime results in stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit has been released to the public and may be exploited.
๐@cveNotify
GitHub
MY_VULN_2/Tenda/VULN13/AC20_SetSysAutoRebbotCfg.md at main ยท Madgeaaaaa/MY_VULN_2
Contribute to Madgeaaaaa/MY_VULN_2 development by creating an account on GitHub.
๐จ CVE-2025-14656
A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be exploited.
๐@cveNotify
A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be performed from remote. The exploit has been made available to the public and could be exploited.
๐@cveNotify
GitHub
MY_VULN_2/Tenda/VULN14/AC20_openSchedWifi.md at main ยท Madgeaaaaa/MY_VULN_2
Contribute to Madgeaaaaa/MY_VULN_2 development by creating an account on GitHub.
๐จ CVE-2025-14659
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
๐@cveNotify
A vulnerability was detected in D-Link DIR-860LB1 and DIR-868LB1 203b01/203b03. Affected is an unknown function of the component DHCP Daemon. The manipulation of the argument Hostname results in command injection. It is possible to launch the attack remotely. The exploit is now public and may be used.
๐@cveNotify
tzh00203 on Notion
D-Link DIR-860LB1 v203b03 Command Injection in DHCPd | Notion
Vulnerability Title: Command Injection Vulnerability in DHCP Service of D-Link DIR-860LB1_v203b03
๐จ CVE-2025-14660
A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been published and may be used. Upgrading to version 1.0.0-alpha.32 addresses this issue. Patch name: 5f7315e05852faf3a9c177c0a34f9ea9b0371d3d. It is recommended to upgrade the affected component.
๐@cveNotify
A flaw has been found in DecoCMS Mesh up to 1.0.0-alpha.31. Affected by this vulnerability is the function createTool of the file packages/sdk/src/mcp/teams/api.ts of the component Workspace Domain Handler. This manipulation of the argument domain causes improper access controls. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been published and may be used. Upgrading to version 1.0.0-alpha.32 addresses this issue. Patch name: 5f7315e05852faf3a9c177c0a34f9ea9b0371d3d. It is recommended to upgrade the affected component.
๐@cveNotify
GitHub
fix prev esc vulnerability on team auto join (#1967) ยท decocms/mesh@5f7315e
Define and compose secure MCPs in TypeScript. Generate AI workflows and agents with React + Tailwind UI. Deploy anywhere. - fix prev esc vulnerability on team auto join (#1967) ยท decocms/mesh@5f7315e
๐จ CVE-2025-67896
Exim before 4.99.1 allows remote heap corruption that will be further described on 2025-12-18.
๐@cveNotify
Exim before 4.99.1 allows remote heap corruption that will be further described on 2025-12-18.
๐@cveNotify
๐จ CVE-2025-14661
A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in itsourcecode Student Managemen System 1.0. Affected by this issue is some unknown functionality of the file /advisers.php. Such manipulation of the argument sy leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
GitHub
itsourcecode Student Management System V1.0 SQL Injection Vulnerability ยท Issue #27 ยท ltranquility/CVE
itsourcecode Student Management System V1.0 SQL Injection Vulnerability NAME OF AFFECTED PRODUCT(S) Student Managemen System Vendor Homepage https://itsourcecode.com/free-projects/php-project/stude...
๐จ CVE-2025-14662
A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used.
๐@cveNotify
A vulnerability was found in code-projects Student File Management System 1.0. This affects an unknown part of the file /admin/update_user.php of the component Update User Page. Performing manipulation results in cross site scripting. The attack may be initiated remotely. The exploit has been made public and could be used.
๐@cveNotify
๐จ CVE-2025-14663
A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/update_student.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
A vulnerability was determined in code-projects Student File Management System 1.0. This vulnerability affects unknown code of the file /admin/update_student.php. Executing manipulation can lead to cross site scripting. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized.
๐@cveNotify
๐จ CVE-2025-14664
A vulnerability was identified in Campcodes Supplier Management System 1.0. This issue affects some unknown processing of the file /admin/view_unit.php. The manipulation of the argument chkId[] leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
๐@cveNotify
A vulnerability was identified in Campcodes Supplier Management System 1.0. This issue affects some unknown processing of the file /admin/view_unit.php. The manipulation of the argument chkId[] leads to sql injection. Remote exploitation of the attack is possible. The exploit is publicly available and might be used.
๐@cveNotify
GitHub
Campcodes Supplier Management System V1.0 /Supply_Management_System/admin/view_unit.php SQL injection ยท Issue #3 ยท louxiadelaolitou/CVE
Campcodes Supplier Management System V1.0 /Supply_Management_System/admin/view_unit.php SQL injection NAME OF AFFECTED PRODUCT(S) Supplier Management System Vendor Homepage https://www.campcodes.co...
๐จ CVE-2025-14665
A security flaw has been discovered in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/DhcpListClient of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
๐@cveNotify
A security flaw has been discovered in Tenda WH450 1.0.0.18. Impacted is an unknown function of the file /goform/DhcpListClient of the component HTTP Request Handler. The manipulation of the argument page results in stack-based buffer overflow. The attack can be executed remotely. The exploit has been released to the public and may be exploited.
๐@cveNotify
GitHub
BinaryAudit/PoC/BOF/Tenda_WH450/DhcpListClient/DhcpListClient.md at main ยท z472421519/BinaryAudit
Contribute to z472421519/BinaryAudit development by creating an account on GitHub.
๐จ CVE-2025-14666
A weakness has been identified in itsourcecode COVID Tracking System 1.0. The affected element is an unknown function of the file /admin/?page=user. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
A weakness has been identified in itsourcecode COVID Tracking System 1.0. The affected element is an unknown function of the file /admin/?page=user. This manipulation of the argument Username causes sql injection. The attack is possible to be carried out remotely. The exploit has been made available to the public and could be exploited.
๐@cveNotify
GitHub
itsourcecode COVID Tracking System V1.0 "/cts/admin/?page=user" SQL injection ยท Issue #2 ยท bardminx/Lonlydance
itsourcecode COVID Tracking System V1.0 "/cts/admin/?page=user" SQL injection NAME OF AFFECTED PRODUCT(S) COVID Tracking System Vendor Homepage https://itsourcecode.com/free-projects/php-...
๐จ CVE-2025-14667
A security vulnerability has been detected in itsourcecode COVID Tracking System 1.0. The impacted element is an unknown function of the file /admin/?page=system_info. Such manipulation of the argument meta_value leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
๐@cveNotify
A security vulnerability has been detected in itsourcecode COVID Tracking System 1.0. The impacted element is an unknown function of the file /admin/?page=system_info. Such manipulation of the argument meta_value leads to sql injection. The attack may be performed from remote. The exploit has been disclosed publicly and may be used.
๐@cveNotify
GitHub
# itsourcecode COVID Tracking System V1.0 "/cts/admin/?page=system_info" SQL injection ยท Issue #3 ยท bardminx/Lonlydance
itsourcecode COVID Tracking System V1.0 "/cts/admin/?page=system_info" SQL injection NAME OF AFFECTED PRODUCT(S) COVID Tracking System Vendor Homepage https://itsourcecode.com/free-projec...
๐จ CVE-2025-14668
A vulnerability was detected in campcodes Advanced Online Examination System 1.0. This affects an unknown function of the file /query/loginExe.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
๐@cveNotify
A vulnerability was detected in campcodes Advanced Online Examination System 1.0. This affects an unknown function of the file /query/loginExe.php. Performing manipulation of the argument Username results in sql injection. It is possible to initiate the attack remotely. The exploit is now public and may be used.
๐@cveNotify
GitHub
Campcodes Advanced Online Examination System V1.0 /Online%20Examination%20System/query/loginExe.php SQL injection ยท Issue #1 ยทโฆ
Campcodes Advanced Online Examination System V1.0 /Online%20Examination%20System/query/loginExe.php SQL injection NAME OF AFFECTED PRODUCT(S) Advanced Online Examination System Vendor Homepage http...
๐จ CVE-2025-14672
A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7_micro_client.cpp. Executing manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
๐@cveNotify
A flaw has been found in gmg137 snap7-rs up to 1.142.1. This impacts the function TSnap7MicroClient::opWriteArea of the file s7_micro_client.cpp. Executing manipulation can lead to heap-based buffer overflow. It is possible to launch the attack remotely. The exploit has been published and may be used.
๐@cveNotify
Gitee
gmg137/snap7-rs: snap7 C++ ๅบ็ Rust ็ปๅฎ๏ผ้่ฟ้ๆ้พๆฅๅฐ snap7๏ผๆ ้้ขๅคไพ่ตใ
๐จ CVE-2025-14673
A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
A vulnerability has been found in gmg137 snap7-rs up to 1.142.1. Affected is the function snap7_rs::client::S7Client::as_ct_write of the file /tests/snap7-rs/src/client.rs. The manipulation leads to heap-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.
๐@cveNotify
Gitee
gmg137/snap7-rs: snap7 C++ ๅบ็ Rust ็ปๅฎ๏ผ้่ฟ้ๆ้พๆฅๅฐ snap7๏ผๆ ้้ขๅคไพ่ตใ
๐จ CVE-2025-14674
A vulnerability was found in aizuda snail-job up to 1.6.0. Affected by this vulnerability is the function QLExpressEngine.doEval of the file snail-job-common/snail-job-common-core/src/main/java/com/aizuda/snailjob/common/core/expression/strategy/QLExpressEngine.java. The manipulation results in injection. The attack can be launched remotely. Upgrading to version 1.7.0-beta1 addresses this issue. The patch is identified as 978f316c38b3d68bb74d2489b5e5f721f6675e86. The affected component should be upgraded.
๐@cveNotify
A vulnerability was found in aizuda snail-job up to 1.6.0. Affected by this vulnerability is the function QLExpressEngine.doEval of the file snail-job-common/snail-job-common-core/src/main/java/com/aizuda/snailjob/common/core/expression/strategy/QLExpressEngine.java. The manipulation results in injection. The attack can be launched remotely. Upgrading to version 1.7.0-beta1 addresses this issue. The patch is identified as 978f316c38b3d68bb74d2489b5e5f721f6675e86. The affected component should be upgraded.
๐@cveNotify
Gitee
Login - Gitee
Gitee.com๏ผ็ ไบ๏ผ ๆฏ OSCHINA.NET ๆจๅบ็ไปฃ็ ๆ็ฎกๅนณๅฐ๏ผๆฏๆ Git ๅ SVN๏ผๆไพๅ
่ดน็็งๆไปๅบๆ็ฎกใ็ฎๅๅทฒๆ่ถ
่ฟ 1350ไธ็ๅผๅ่
้ๆฉ Giteeใ
๐จ CVE-2025-13281
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control planeโs host network (including link-local or loopback services).
๐@cveNotify
A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portworx StorageClass. This vulnerability allows authorized users to leak arbitrary information from unprotected endpoints in the control planeโs host network (including link-local or loopback services).
๐@cveNotify
GitHub
CVE-2025-13281: Portworx Half-Blind SSRF in kube-controller-manager ยท Issue #135525 ยท kubernetes/kubernetes
CVSS Rating: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N - Medium (5.8) A half-blind Server Side Request Forgery (SSRF) vulnerability exists in kube-controller-manager when using the in-tree Portw...
๐จ CVE-2025-67898
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
๐@cveNotify
MJML through 4.18.0 allows mj-include directory traversal to test file existence and (in the type="css" case) read files. NOTE: this issue exists because of an incomplete fix for CVE-2020-12827.
๐@cveNotify
GitHub
CVE-2020-12827 unfixed? (`ignoreIncludes` continues to default to `false`? ๐ค ) ยท Issue #3018 ยท mjmlio/mjml
Hi! Past vulnerability CVE-2020-12827 has come to my attention. After reading the detailed description and inspecting the two related commitsโฆ 21034a7 30e29ed โฆbetween releases 4.6.2 and 4.6.3, my ...
๐จ CVE-2025-14691
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
๐@cveNotify
A vulnerability was detected in Mayan EDMS up to 4.10.1. The affected element is an unknown function of the file /authentication/. The manipulation results in cross site scripting. The attack may be performed from remote. The exploit is now public and may be used. Upgrading to version 4.10.2 is sufficient to fix this issue. You should upgrade the affected component. The vendor confirms that this is "[f]ixed in version 4.10.2". Furthermore, that "[b]ackports for older versions in process and will be out as soon as their respective CI pipelines complete."
๐@cveNotify
๐จ CVE-2025-67899
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
๐@cveNotify
uriparser through 0.9.9 allows unbounded recursion and stack consumption, as demonstrated by ParseMustBeSegmentNzNc with large input containing many commas.
๐@cveNotify
GitHub
Stack overflow in ParseMustBeSegmentNzNc ยท Issue #282 ยท uriparser/uriparser
I tried to check if the text is an valid URI, but got stack overflow and crash. uriparser: v0.9.9 compiler: Visual Studio 2022 x64 #include <uriparser/Uri.h> int main() { UriUriA uriParse_; U...