Aggregator

A vulnerability was found in PyTorch 2.6.0. It has been rated as critical. Affected by this issue is the function torch.nn.utils.rnn.unpack_sequence. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2025-2999. Attacking locally is a requirement. Furthermore, there is an exploit available.

A vulnerability was found in PyTorch 2.6.0. It has been declared as critical. Affected by this vulnerability is the function torch.nn.utils.rnn.pad_packed_sequence. The manipulation leads to memory corruption. This vulnerability is known as CVE-2025-2998. Local access is required to approach this attack. Furthermore, there is an exploit available.

Submit #524225 / VDB-302051

Submit #524212 / VDB-302050

Submit #524197 / VDB-302049

Submit #524198 / VDB-302048

Submit #524151 / VDB-302047

A vulnerability was found in zhangyanbo2007 youkefu 4.2.0. It has been classified as critical. Affected is an unknown function of the file /res/url. The manipulation of the argument url leads to server-side request forgery. This vulnerability is traded as CVE-2025-2997. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

Submit #524009 / VDB-302046

A vulnerability was found in Tenda FH1202 1.2.0.14(408) and classified as critical. This issue affects some unknown processing of the file /goform/SysToolDDNS of the component Web Management Interface. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2025-2996. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability has been found in Tenda FH1202 1.2.0.14(408) and classified as critical. This vulnerability affects unknown code of the file /goform/SysToolChangePwd of the component Web Management Interface. The manipulation leads to improper access controls. This vulnerability was named CVE-2025-2995. The attack can be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, was found in Tenda FH1202 1.2.0.14(408). This affects an unknown part of the file /goform/qossetting of the component Web Management Interface. The manipulation leads to improper access controls. This vulnerability is uniquely identified as CVE-2025-2994. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as critical, has been found in Tenda FH1202 1.2.0.14(408). Affected by this issue is some unknown functionality of the file /default.cfg. The manipulation of the argument these leads to improper access controls. This vulnerability is handled as CVE-2025-2993. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to apply restrictive firewalling.

A vulnerability classified as critical was found in Tenda FH1202 1.2.0.14(408). Affected by this vulnerability is an unknown functionality of the file /goform/AdvSetWrlsafeset of the component Web Management Interface. The manipulation leads to improper access controls. This vulnerability is known as CVE-2025-2992. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Tenda FH1202 1.2.0.14(408). Affected is an unknown function of the file /goform/AdvSetWrlmacfilter of the component Web Management Interface. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2025-2991. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been rated as critical. This issue affects some unknown processing of the file /goform/AdvSetWrlGstset of the component Web Management Interface. The manipulation leads to improper access controls. The identification of this vulnerability is CVE-2025-2990. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability was found in Tenda FH1202 1.2.0.14(408). It has been declared as critical. This vulnerability affects unknown code of the file /goform/AdvSetWrl of the component Web Management Interface. The manipulation leads to improper access controls. This vulnerability was named CVE-2025-2989. The attack can be initiated remotely. Furthermore, there is an exploit available.

Submit #523405 / VDB-237958

Submit #523419 / VDB-302045

Submit #523418 / VDB-302044