In tbd of tbd, there is a possible memory corruption due to a race condition. This could lead to local escalation of privilege with System…

vantage6 is privacy preserving federated learning infrastructure. Versions prior to 4.0.0 use pickle, which has known security issue, as a default serialization module but that…

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer…

Two heap-based buffer overflow vulnerabilities exist in the gwcfg_cgi_set_manage_post_data functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a heap buffer…

A leftover debug code vulnerability exists in the httpd debug credentials functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to authentication…

A stack-based buffer overflow vulnerability exists in the httpd gwcfg.cgi get functionality of Yifan YF325 v1.0_20221108. A specially crafted network packet can lead to command…

A stored cross-site scripting (XSS) vulnerability exists in the upload_brand.cgi functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can…

An OS command injection vulnerability exists in the data.cgi xfer_dns functionality of peplink Surf SOHO HW1 v6.3.5 (in QEMU). A specially crafted HTTP request can…

A stack-based buffer overflow vulnerability exists in the libutils.so nvram_restore functionality of Yifan YF325 v1.0_20221108. A specially crafted network request can lead to a buffer…