6.6
CVE-2024-45563 - Out-of-bounds Write in Camera Driver
Memory corruption while handling schedule request in Camera Request Manager(CRM) due to invalid link count in the corresponding session.
6.6
CVE-2024-45562 - Use After Free in HLOS
Memory corruption during concurrent access to server info object due to unprotected critical field.
7.8
CVE-2024-45554 - Use After Free in DSP Service
Memory corruption during concurrent SSR execution due to race condition on the global maps list.
8.7
CVE-2025-4342 - D-Link DIR-600L formEasySetupWizard3 buffer overflow
A vulnerability, which was classified as critical, has been found in D-Link DIR-600L up to 2.07B01. Affected by this issue is the function formEasySetupWizard3. The manipulation of the argument host leads to buffer overflow. The attack may be launched remotely. This vulnerability only affects produβ¦
5.3
CVE-2025-4341 - D-Link DIR-880L Request Header ssdpcgi sub_16570 command injection
A vulnerability classified as critical was found in D-Link DIR-880L up to 104WWb01. Affected by this vulnerability is the function sub_16570 of the file /htdocs/ssdpcgi of the component Request Header Handler. The manipulation of the argument HTTP_ST/REMOTE_ADDR/REMOTE_PORT/SERVER_ID leads to commaβ¦
5.4
CVE-2025-3020 - Wiesemann & Theis: Multiple W&T Products are vulnerable to cross-site-scripting
An low privileged remote Attacker can execute arbitrary web scripts or HTML via a crafted payload injected into several fields of the configuration webpage with limited impact.
5.3
CVE-2025-4340 - D-Link DIR-890L/DIR-806A1 soap.cgi sub_175C8 command injection
A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to 100CNb11/108B03. Affected is the function sub_175C8 of the file /htdocs/soap.cgi. The manipulation leads to command injection. It is possible to launch the attack remotely. The exploit has been disclosed toβ¦
5.3
CVE-2025-4333 - feng_ha_ha/megagao ssm-erp/production_ssm FileServiceImpl.java uploadFile unrestricted upload
A vulnerability was found in feng_ha_ha/megagao ssm-erp and production_ssm up to 0.0.1. It has been classified as critical. This affects the function uploadFile of the file src/main/java/com/megagao/production/ssm/service/impl/FileServiceImpl.java. The manipulation of the argument uploadFile leads β¦
6.9
CVE-2025-4332 - PHPGurukul Company Visitor Management System visitor-detail.php sql injection
A vulnerability was found in PHPGurukul Company Visitor Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /visitor-detail.php. The manipulation of the argument editid leads to sql injection. The attack may be launched remotely. The exβ¦
6.9
CVE-2025-4331 - SourceCodester Online Student Clearance System login.php sql injection
A vulnerability classified as critical was found in SourceCodester Online Student Clearance System 1.0. This vulnerability affects unknown code of the file /Admin/login.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit β¦