Submit #564723: Tenda AC7 15.03.06.44 stack-based buffer overflow [Duplicate]
Submit #564723 / VDB-238335
Aggregator
CVE-2025-4353 | Golden Link Secondary System up to 20250424 queryTsDictionaryType.htm dictCn1 sql injection
9 months 1 week ago
A vulnerability, which was classified as critical, was found in Golden Link Secondary System up to 20250424. Affected is an unknown function of the file /paraframework/queryTsDictionaryType.htm. The manipulation of the argument dictCn1 leads to sql injection.
This vulnerability is traded as CVE-2025-4353. It is possible to launch the attack remotely. Furthermore, there is an exploit available.
vuldb.com
CVE-2025-4352 | Golden Link Secondary System up to 20250424 tcEntrFlowSelect.htm custTradeId sql injection
9 months 1 week ago
A vulnerability, which was classified as critical, has been found in Golden Link Secondary System up to 20250424. This issue affects some unknown processing of the file /reprotframework/tcEntrFlowSelect.htm. The manipulation of the argument custTradeId leads to sql injection.
The identification of this vulnerability is CVE-2025-4352. The attack may be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Submit #564722: Tenda DAP-1520 1.10B04_BETA02 stack-based Buffer Overflow [Accepted]
9 months 1 week ago
Submit #564722 / VDB-307474
duojie_0x00
Submit #564720: Tenda DAP-1520 1.10B04_BETA02 heap-based Buffer Overflow [Accepted]
9 months 1 week ago
Submit #564720 / VDB-307473
duojie_0x00
Submit #564721: Tenda DAP-1520 1.10B04_BETA02 stack-based Buffer Overflow [Duplicate]
9 months 1 week ago
Submit #564721 / VDB-307472
duojie_0x00
Submit #564719: Tenda DAP-1520 1.10B04_BETA02 Stack-based Buffer Overflow [Accepted]
9 months 1 week ago
Submit #564719 / VDB-307472
duojie_0x00
Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi
9 months 1 week ago
Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple's AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology.
The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo.
"These vulnerabilities can be chained by
The Hacker News
Submit #564593: 新晨科技股份有限公司 黄金通二级系统三代管理端系统 未知 Use of Java I/O [Accepted]
9 months 1 week ago
Submit #564593 / VDB-307470
MHKD
Submit #564592: 新晨科技股份有限公司 黄金通二级系统三代管理端系统 未知 Use of Java I/O [Accepted]
9 months 1 week ago
Submit #564592 / VDB-307469
MHKD
CVE-2025-4350 | D-Link DIR-600L up to 2.07B01 wake_on_lan host command injection
9 months 1 week ago
A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This vulnerability affects the function wake_on_lan. The manipulation of the argument host leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability was named CVE-2025-4350. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-4349 | D-Link DIR-600L up to 2.07B01 formSysCmd host command injection
9 months 1 week ago
A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. This affects the function formSysCmd. The manipulation of the argument host leads to command injection. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is uniquely identified as CVE-2025-4349. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4348 | D-Link DIR-600L up to 2.07B01 formSetWanL2TP host buffer overflow
9 months 1 week ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been rated as critical. Affected by this issue is the function formSetWanL2TP. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is handled as CVE-2025-4348. The attack may be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-4347 | D-Link DIR-600L up to 2.07B01 formWlSiteSurvey host buffer overflow
9 months 1 week ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been declared as critical. Affected by this vulnerability is the function formWlSiteSurvey. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is known as CVE-2025-4347. The attack can be launched remotely. There is no exploit available.
vuldb.com
CVE-2025-4346 | D-Link DIR-600L up to 2.07B01 formSetWAN_Wizard534 host buffer overflow
9 months 1 week ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01. It has been classified as critical. Affected is the function formSetWAN_Wizard534. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is traded as CVE-2025-4346. It is possible to launch the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4345 | D-Link DIR-600L up to 2.07B01 formSetLog host buffer overflow
9 months 1 week ago
A vulnerability was found in D-Link DIR-600L up to 2.07B01 and classified as critical. This issue affects the function formSetLog. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
The identification of this vulnerability is CVE-2025-4345. The attack may be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-4343 | D-Link DIR-600L up to 2.07B01 formEasySetupWizard host buffer overflow
9 months 1 week ago
A vulnerability has been found in D-Link DIR-600L up to 2.07B01 and classified as critical. This vulnerability affects the function formEasySetupWizard. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability was named CVE-2025-4343. The attack can be initiated remotely. There is no exploit available.
vuldb.com
CVE-2025-4344 | D-Link DIR-600L up to 2.07B01 formLogin host buffer overflow
9 months 1 week ago
A vulnerability, which was classified as critical, was found in D-Link DIR-600L up to 2.07B01. This affects the function formLogin. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is uniquely identified as CVE-2025-4344. It is possible to initiate the attack remotely. There is no exploit available.
vuldb.com
CVE-2025-4342 | D-Link DIR-600L up to 2.07B01 formEasySetupWizard3 host buffer overflow
9 months 1 week ago
A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. This vulnerability only affects products that are no longer supported by the maintainer.
This vulnerability is handled as CVE-2025-4342. The attack may be launched remotely. There is no exploit available.
vuldb.com
AI-Enabled App Development Outpacing Cybersecurity Controls
9 months 1 week ago
Wiz's Ami Luttwak on Managing the 'Speed of AI' Trade-Off in Security Control
"AI is the fastest adopted technology in the history, in the enterprise," said Ami Luttwak, co-founder and chief technology officer at Wiz, explaining how AI-enabled application development has outpaced the speed at which security personnel try to attain complete visibility over stored data.
"AI is the fastest adopted technology in the history, in the enterprise," said Ami Luttwak, co-founder and chief technology officer at Wiz, explaining how AI-enabled application development has outpaced the speed at which security personnel try to attain complete visibility over stored data.