π¨ CVE-2023-36377
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.
π@cveNotify
Buffer Overflow vulnerability in mtrojnar osslsigncode v.2.3 and before allows a local attacker to execute arbitrary code via a crafted .exe, .sys, and .dll files.
π@cveNotify
GitHub
Comparing 2.2...2.3 Β· mtrojnar/osslsigncode
OpenSSL-based Authenticode signing for PE, CAB, CAT, MSI, APPX, and script file - Comparing 2.2...2.3 Β· mtrojnar/osslsigncode
π¨ CVE-2025-15232
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
π@cveNotify
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit is publicly available and might be used.
π@cveNotify
GitHub
CVEs/Tenda/setAdPushInfo.md at main Β· dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
π¨ CVE-2025-15233
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
π@cveNotify
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUID results in heap-based buffer overflow. The attack may be performed from remote. The exploit has been released to the public and may be exploited.
π@cveNotify
GitHub
CVEs/Tenda/setAdInfoDetail.md at main Β· dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
π¨ CVE-2025-15355
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
π@cveNotify
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
π@cveNotify
π¨ CVE-2025-15103
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
π@cveNotify
DVP-12SE11T - Authentication Bypass via Partial Password Disclosure
π@cveNotify
π¨ CVE-2025-15234
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
π@cveNotify
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been made available to the public and could be exploited.
π@cveNotify
GitHub
CVEs/Tenda/setRemoteInternetLanInfo.md at main Β· dwBruijn/CVEs
My most recent CVEs. Contribute to dwBruijn/CVEs development by creating an account on GitHub.
π¨ CVE-2025-15241
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
π@cveNotify
A security vulnerability has been detected in CloudPanel Community Edition up to 2.5.1. The affected element is an unknown function of the file /admin/users of the component HTTP Header Handler. Such manipulation of the argument Referer leads to open redirect. It is possible to launch the attack remotely. The exploit has been disclosed publicly and may be used. Upgrading to version 2.5.2 is sufficient to fix this issue. Upgrading the affected component is recommended.
π@cveNotify
GitHub
GitHub - Stolichnayer/cloudpanel-open-redirect: CloudPanel CE β€ v2.5.1 contains an Open Redirect vulnerability in the /admin/usersβ¦
CloudPanel CE β€ v2.5.1 contains an Open Redirect vulnerability in the /admin/users endpoint due to improper validation of the Referer header. - Stolichnayer/cloudpanel-open-redirect
π¨ CVE-2025-15242
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit is now public and may be used.
π@cveNotify
A vulnerability was detected in PHPEMS up to 11.0. The impacted element is an unknown function of the component Coupon Handler. Performing manipulation results in race condition. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitability is regarded as difficult. The exploit is now public and may be used.
π@cveNotify
Byebyedoggy
1229 PHPEMS Coupon Recharge Race Condition Poc
Vulnerability Information\rItem Details Vulnerability Name PHPEMS Coupon Recharge Race Condition Vulnerability Affected Versions PHPEMS 11.0 and earlier Type Logic Flaw Severity Medium Reproduction Environment\rTest Site: Local deployment Source Code Setup:β¦
π¨ CVE-2025-15243
A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.
π@cveNotify
A flaw has been found in code-projects Simple Stock System 1.0. This affects an unknown function of the file /market/login.php. Executing manipulation of the argument Username can lead to sql injection. The attack can be launched remotely. The exploit has been published and may be used.
π@cveNotify
π¨ CVE-2025-15244
A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used.
π@cveNotify
A vulnerability has been found in PHPEMS up to 11.0. This impacts an unknown function of the component Purchase Request Handler. The manipulation leads to race condition. The attack may be initiated remotely. A high degree of complexity is needed for the attack. The exploitability is said to be difficult. The exploit has been disclosed to the public and may be used.
π@cveNotify
Byebyedoggy
1229 PHPEMS Points Race Condition POC
Vulnerability Information\rItem Details Vulnerability Name PHPEMS Points Concurrent Usage Race Condition Vulnerability Affected Versions PHPEMS 11.0 and earlier Type Logic Flaw Severity Medium Reproduction Environment\rTest Site: Local deployment Source Codeβ¦
π¨ CVE-2025-15245
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
π@cveNotify
A vulnerability was found in D-Link DCS-850L 1.02.09. Affected is the function uploadfirmware of the component Firmware Update Service. The manipulation of the argument DownloadFile results in path traversal. The attack must originate from the local network. The exploit has been made public and could be used. This vulnerability only affects products that are no longer supported by the maintainer.
π@cveNotify
tzh00203 on Notion
D-Link DCS850L v1.02.09 Path Traversal Vulnerability in Firmware Update | Notion
Vulnerability Title: Path Traversal and Command Injection Vulnerabilities in Firmware Upload Service of D-Link DCS-850L v1.02.09
π₯1
π¨ CVE-2022-50784
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone
If cloning the SKB fails, don't try to use it, but rather return
as if we should pass it.
Coverity CID: 1503456
π@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
wifi: iwlwifi: mei: fix potential NULL-ptr deref after clone
If cloning the SKB fails, don't try to use it, but rather return
as if we should pass it.
Coverity CID: 1503456
π@cveNotify
π¨ CVE-2022-50785
In the Linux kernel, the following vulnerability has been resolved:
fsi: occ: Prevent use after free
Use get_device and put_device in the open and close functions to
make sure the device doesn't get freed while a file descriptor is
open.
Also, lock around the freeing of the device buffer and check the
buffer before using it in the submit function.
π@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
fsi: occ: Prevent use after free
Use get_device and put_device in the open and close functions to
make sure the device doesn't get freed while a file descriptor is
open.
Also, lock around the freeing of the device buffer and check the
buffer before using it in the submit function.
π@cveNotify
π¨ CVE-2022-50786
In the Linux kernel, the following vulnerability has been resolved:
media: s5p-mfc: Clear workbit to handle error condition
During error on CLOSE_INSTANCE command, ctx_work_bits was not getting
cleared. During consequent mfc execution NULL pointer dereferencing of
this context led to kernel panic. This patch fixes this issue by making
sure to clear ctx_work_bits always.
π@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
media: s5p-mfc: Clear workbit to handle error condition
During error on CLOSE_INSTANCE command, ctx_work_bits was not getting
cleared. During consequent mfc execution NULL pointer dereferencing of
this context led to kernel panic. This patch fixes this issue by making
sure to clear ctx_work_bits always.
π@cveNotify
π¨ CVE-2023-54162
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix possible memory leak in smb2_lock()
argv needs to be free when setup_async_work fails or when the current
process is woken up.
π@cveNotify
In the Linux kernel, the following vulnerability has been resolved:
ksmbd: fix possible memory leak in smb2_lock()
argv needs to be free when setup_async_work fails or when the current
process is woken up.
π@cveNotify
π¨ CVE-2025-14509
The Lucky Wheel for WooCommerce β Spin a Sale plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.1.13. This is due to the plugin using eval() to execute user-supplied input from the 'Conditional Tags' setting without proper validation or sanitization. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute arbitrary PHP code on the server. In WordPress multisite installations, this allows Site Administrators to execute arbitrary code, a capability they should not have since plugin/theme file editing is disabled for non-Super Admins in multisite environments.
π@cveNotify
The Lucky Wheel for WooCommerce β Spin a Sale plugin for WordPress is vulnerable to PHP Code Injection in all versions up to, and including, 1.1.13. This is due to the plugin using eval() to execute user-supplied input from the 'Conditional Tags' setting without proper validation or sanitization. This makes it possible for authenticated attackers, with Administrator-level access and above, to execute arbitrary PHP code on the server. In WordPress multisite installations, this allows Site Administrators to execute arbitrary code, a capability they should not have since plugin/theme file editing is disabled for non-Super Admins in multisite environments.
π@cveNotify
π¨ CVE-2025-15246
A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
A vulnerability was determined in aizuda snail-job up to 1.7.0 on macOS. Affected by this vulnerability is the function FurySerializer.deserialize of the component API. This manipulation of the argument argsStr causes deserialization. Remote exploitation of the attack is possible. The exploit has been publicly disclosed and may be utilized.
π@cveNotify
Gitee
aizuda/easy-retry.git: π₯π₯π₯ η΅ζ΄»οΌε―ι εεΏ«ιηεεΈεΌδ»»ε‘ιθ―εεεΈεΌδ»»ε‘θ°εΊ¦εΉ³ε°
π₯1
π¨ CVE-2024-1432
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22 and classified as problematic. This issue affects the function apply_xseg of the file main.py. The manipulation leads to deserialization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-253391. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
π@cveNotify
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in DeepFaceLab pretrained DF.wf.288res.384.92.72.22 and classified as problematic. This issue affects the function apply_xseg of the file main.py. The manipulation leads to deserialization. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-253391. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
π@cveNotify