An attacker who submits a crafted tar file with size in header struct being 0 may be able to trigger an calling of malloc(0) for a variable gnu_longlink, causing an out-of-bounds read.Read More ...
Continue Reading
August 10, 2022
The th_read() function doesnt free a variable t->th_buf.gnu_longlink after allocating memory, which may cause a memory leak.Read More ...
Continue Reading
August 10, 2022
Execution unit scheduler contention may lead to a side channel vulnerability found on AMD CPU microarchitectures codenamed Zen 1, Zen 2 and Zen 3 that use simultaneous multithreading (SMT) ...
Continue Reading
August 10, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters: ppp_username, ppp_passwd, rwan_gateway, rwan_mask and rwan_ip, which leads to command injection in page /wa ...
Continue Reading
August 10, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 firewall.cgi has no filtering on parameter del_mac and parameter flag, which leads to command injection in page /cli_black_list.shtml.Read More ...
Continue Reading
August 10, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter led_switch, which leads to command injection in page /ledonoff.shtml.Read More ...
Continue Reading
August 10, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 login.cgi has no filtering on parameter key, which leads to command injection in page /login.shtml.Read More ...
Continue Reading
August 10, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 qos.cgi has no filtering on parameters: cli_list and cli_num, which leads to command injection in page /qos.shtml.Read More ...
Continue Reading
August 10, 2022
Back to Main
