xubeining/Cve_report

Releases0

Stars1

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-5685 ↗	Jun 5, 2025Thursday, 5 June 2025, 20:15	8.8 HIGH	9 HIGH
A vulnerability, which was classified as critical, was found in Tenda CH22 1.0.0.1. This affects the function formNatlimit of the file /goform/Natlimit. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5619 ↗	Jun 4, 2025Wednesday, 4 June 2025, 23:15	8.8 HIGH	9 HIGH
A vulnerability, which was classified as critical, has been found in Tenda CH22 1.0.0.1. This issue affects the function formaddUserName of the file /goform/addUserName. The manipulation of the argument Password leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-5228 ↗	May 27, 2025Tuesday, 27 May 2025, 04:15	8.8 HIGH	8.3 HIGH
A vulnerability was found in D-Link DI-8100 up to 20250523. It has been classified as critical. Affected is the function httpd_get_parm of the file /login.cgi of the component jhttpd. The manipulation of the argument notify leads to stack-based buffer overflow. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used.
CVE-2025-5080 ↗	May 22, 2025Thursday, 22 May 2025, 15:16	8.8 HIGH	9 HIGH
A vulnerability classified as critical has been found in Tenda FH451 1.0.0.9. Affected is the function webExcptypemanFilter of the file /goform/webExcptypemanFilter. The manipulation of the argument page leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-4867 ↗	May 18, 2025Sunday, 18 May 2025, 09:15	6.5 MEDIUM	6.8 MEDIUM
A vulnerability was found in Tenda A15 15.13.07.13. It has been declared as problematic. Affected by this vulnerability is the function formArpNerworkSet of the file /goform/ArpNerworkSet. The manipulation leads to denial of service. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2025-44175 ↗	May 12, 2025Monday, 12 May 2025, 18:15	5.4 MEDIUM	—
Tenda AC10 v4 V16.03.10.13 is vulnerable to Buffer Overflow in the GetParentControlInfo function.
CVE-2025-44176 ↗	May 12, 2025Monday, 12 May 2025, 18:15	6.5 MEDIUM	—
Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function.
CVE-2024-52675 ↗	Nov 19, 2024Tuesday, 19 November 2024, 13:15	9.8 CRITICAL	—
SourceCodester Sentiment Based Movie Rating System 1.0 is vulnerable to SQL Injection in /msrps/movies.php.