Search
Search Results (344019 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-12864 | 1 Youdao | 1 Qanything | 2025-08-01 | N/A |
| A Denial of Service (DoS) vulnerability was discovered in the file upload feature of netease-youdao/qanything version v2.0.0. The vulnerability is due to improper handling of form-data with a large filename in the file upload request. An attacker can exploit this vulnerability by sending a large filename, causing the server to become overwhelmed and unavailable for legitimate users. This attack does not require authentication, making it highly scalable and increasing the risk of exploitation. | ||||
| CVE-2025-54847 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54846 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54845 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54844 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54843 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54842 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54841 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54840 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54839 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-54657 | 2025-08-01 | N/A | ||
| Not used | ||||
| CVE-2025-29360 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-08-01 | 7.5 High |
| Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the time and timeZone parameters at /goform/SetSysTimeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | ||||
| CVE-2025-29359 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-08-01 | 7.5 High |
| Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the deviceId parameter at /goform/saveParentControlInfo. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | ||||
| CVE-2025-29358 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-08-01 | 7.5 High |
| Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the firewallEn parameter at /goform/SetFirewallCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | ||||
| CVE-2025-29357 | 1 Tenda | 2 Rx3, Rx3 Firmware | 2025-08-01 | 7.5 High |
| Tenda RX3 US_RX3V1.0br_V16.03.13.11_multi_TDE01 is vulnerable to Buffer Overflow via the startIp and endIp parameters at /goform/SetPptpServerCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted packet. | ||||
| CVE-2025-48206 | 1 Nitsantech | 1 Ns-backup | 2025-08-01 | 6.1 Medium |
| The ns_backup extension through 13.0.0 for TYPO3 allows XSS. | ||||
| CVE-2023-31746 | 1 Adslr | 2 Vw2100, Vw2100 Firmware | 2025-08-01 | 9.8 Critical |
| There is a command injection vulnerability in the adslr VW2100 router with firmware version M1DV1.0. An unauthenticated attacker can exploit the vulnerability to execute system commands as the root user. | ||||
| CVE-2023-37847 | 1 Xxyopen | 1 Novel-plus | 2025-08-01 | 9.8 Critical |
| novel-plus v3.6.2 was discovered to contain a SQL injection vulnerability. | ||||
| CVE-2024-1251 | 1 Tongda2000 | 1 Office Anywhere | 2025-08-01 | 5.5 Medium |
| A vulnerability classified as critical has been found in Tongda OA 2017 up to 11.10. Affected is an unknown function of the file /general/email/outbox/delete.php. The manipulation of the argument DELETE_STR leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-252990 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||
| CVE-2023-7021 | 1 Tongda2000 | 1 Office Anywhere | 2025-08-01 | 6.3 Medium |
| A vulnerability was found in Tongda OA 2017 up to 11.9. It has been classified as critical. Affected is an unknown function of the file general/vehicle/checkup/delete_search.php. The manipulation of the argument VU_ID leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 11.10 is able to address this issue. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-248568. NOTE: The vendor was contacted early about this disclosure but did not respond in any way. | ||||