Security Vulnerabilities
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the portList parameter in /goform/setNAT.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the QosList parameter in goform/setQoS.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow. via the macFilterList parameter in goform/setNAT.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the onlineList parameter in goform/setParentControl.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
Tenda F3 V12.01.01.48_multi and after is vulnerable to Buffer Overflow via the wifiTimeClose parameter in goform/setWifi.
CVSS Score
5.6
EPSS Score
0.0
Published
2025-09-10
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. A high privileged attacker with local access could potentially exploit this vulnerability, leading to Command execution.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-09-10
oasys v1.1 is vulnerable to Directory Traversal in ProcedureController.
CVSS Score
5.6
EPSS Score
0.001
Published
2025-09-10
An issue was discovered in MariaDB MCP 0.1.0 allowing attackers to gain sensitive information via the SSE service as the SSE service lacks user validation.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-10
An issue was discovered in litmusautomation litmus-mcp-server thru 0.0.1 allowing unauthorized attackers to control the target's MCP service through the SSE protocol.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-09-10
OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to execute arbitrary commands via the operation parameter to the /api/v2/hosts/ssh/operate endpoint.
CVSS Score
8.8
EPSS Score
0.003
Published
2025-09-10