Total
286780 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-2352 | 2025-03-17 | 2.4 Low | ||
| A vulnerability, which was classified as problematic, has been found in StarSea99 starsea-mall 1.0. This issue affects some unknown processing of the file /admin/indexConfigs/save of the component Backend. The manipulation of the argument categoryName leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-32283 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-17 | 7.3 High |
| Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function via the cmdinput parameter. | ||||
| CVE-2024-32311 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-17 | 6.5 Medium |
| Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the adslPwd parameter in the formWanParameterSetting function. | ||||
| CVE-2024-32299 | 1 Tenda | 2 Fh1203, Fh1203 Firmware | 2025-03-17 | 8.8 High |
| Tenda FH1203 v2.0.1.6 firmware has a stack overflow vulnerability via the PPW parameter in the fromWizardHandle function. | ||||
| CVE-2024-57578 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | 5.7 Medium |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. | ||||
| CVE-2025-2353 | 2025-03-17 | 7.3 High | ||
| A vulnerability, which was classified as critical, was found in VAM Virtual Airlines Manager up to 2.6.2. Affected is an unknown function of the file /vam/index.php of the component HTTP GET Parameter Handler. The manipulation of the argument ID/registry_id/plane_icao leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-57577 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | 5.7 Medium |
| Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. | ||||
| CVE-2025-2354 | 2025-03-17 | 4.3 Medium | ||
| A vulnerability has been found in VAM Virtual Airlines Manager 2.6.2 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /vam/index.php. The manipulation of the argument registry_id/plane_icao/hub_id leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-34974 | 1 Tenda | 2 Ac18, Ac18 Firmware | 2025-03-17 | 8.2 High |
| Tenda AC18 v15.03.05.19 is vulnerable to Buffer Overflow in the formSetPPTPServer function via the endIp parameter. | ||||
| CVE-2024-32314 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-17 | 3.8 Low |
| Tenda AC500 V2.0.1.9(1307) firmware contains a command injection vulnerablility in the formexeCommand function via the cmdinput parameter. | ||||
| CVE-2024-32316 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-17 | 6.5 Medium |
| Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability in the fromDhcpListClient function. | ||||
| CVE-2024-32318 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability via the vlan parameter in the formSetVlanInfo function. | ||||
| CVE-2024-32320 | 1 Tenda | 2 Ac500, Ac500 Firmware | 2025-03-17 | 5.9 Medium |
| Tenda AC500 V2.0.1.9(1307) firmware has a stack overflow vulnerability via the timeZone parameter in the formSetTimeZone function. | ||||
| CVE-2025-2360 | 2025-03-17 | 7.3 High | ||
| A vulnerability classified as critical was found in D-Link DIR-823G 1.0.2B05_20181207. Affected by this vulnerability is the function SetUpnpSettings of the file /HNAP1/ of the component UPnP Service. The manipulation of the argument SOAPAction leads to improper authorization. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This vulnerability only affects products that are no longer supported by the maintainer. | ||||
| CVE-2024-33215 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-17 | 9.8 Critical |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/addressNat. | ||||
| CVE-2024-33214 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-17 | 7.5 High |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the entrys parameter in ip/goform/RouteStatic. | ||||
| CVE-2025-2364 | 2025-03-17 | 3.5 Low | ||
| A vulnerability classified as problematic was found in lenve VBlog up to 1.0.0. Affected by this vulnerability is the function addNewArticle of the file blogserver/src/main/java/org/sang/service/ArticleService.java. The manipulation of the argument mdContent/htmlContent leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2024-33212 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-17 | 8.8 High |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the funcpara1 parameter in ip/goform/setcfm. | ||||
| CVE-2024-33211 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-17 | 7.3 High |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the PPPOEPassword parameter in ip/goform/QuickIndex. | ||||
| CVE-2024-33213 | 1 Tenda | 2 Fh1206, Fh1206 Firmware | 2025-03-17 | 6.5 Medium |
| Tenda FH1206 V1.2.0.8(8155)_EN was discovered to contain a stack-based buffer overflow vulnerability via the mitInterface parameter in ip/goform/RouteStatic. | ||||