Security Vulnerabilities
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the host_ip parameter in the web_snmp_notifyv3_add_post function.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-05-20
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the ruleNamekey parameter in the web_acl_mgmt_Rules_Apply_post function.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-05-20
A command injection vulnerability in the component /cgi-bin/qos.cgi of Wavlink WL-WN579A3 v1.0 allows attackers to execute arbitrary commands via a crafted input.
CVSS Score
9.8
EPSS Score
0.01
Published
2025-05-20
FW-WGS-804HPT v1.305b241111 was discovered to contain a stack overflow via the web_sys_infoContact_post function.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-05-20
In JetBrains TeamCity before 2025.03.2 stored XSS via GitHub Checks Webhook was possible
CVSS Score
4.8
EPSS Score
0.0
Published
2025-05-20
In JetBrains TeamCity before 2025.03.2 stored XSS via YouTrack integration was possible
CVSS Score
4.8
EPSS Score
0.0
Published
2025-05-20
In JetBrains TeamCity before 2025.03.2 stored XSS via Jira integration was possible
CVSS Score
4.8
EPSS Score
0.0
Published
2025-05-20
In JetBrains TeamCity before 2025.03.2 open redirect was possible on editing VCS Root page
CVSS Score
4.3
EPSS Score
0.0
Published
2025-05-20
D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this vulnerability by crafting specific HTTP requests, triggering the command execution flaw and gaining the highest privilege shell access to the firmware system.
CVSS Score
9.8
EPSS Score
0.001
Published
2025-05-20
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a buffer overflow via the interfacenameds parameter in the formDhcpv6s interface.
CVSS Score
6.5
EPSS Score
0.001
Published
2025-05-20