9.8
CVE-2025-50756 -
Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the set_sys_adm function via the newpass parameter. This vulnerability allows attackers to execute arbitrary commands via a crafted request.
5.1
CVE-2025-7553 - D-Link DIR-818LW System Time Page os command injection
A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This affects an unknown part of the component System Time Page. The manipulation of the argument NTP Server leads to os command injection. It is possible to initiate the attack remotely. The exploit has been dβ¦
7
CVE-2025-1384 - Least Privilege Violation Vulnerability in the communications functions of NJ/NX-series Machine Autβ¦
Least Privilege Violation (CWE-272) Vulnerability exists in the communication function between the NJ/NX-series Machine Automation Controllers and the Sysmac Studio Software. An attacker may use this vulnerability to perform unauthorized access and to execute unauthorized code remotely to the contrβ¦
5.3
CVE-2025-7552 - Dromara Northstar Path AuthorizationInterceptor.java preHandle access control
A vulnerability was found in Dromara Northstar up to 7.3.5. It has been rated as critical. Affected by this issue is the function preHandle of the file northstar-main/src/main/java/org/dromara/northstar/web/interceptor/AuthorizationInterceptor.java of the component Path Handler. The manipulation ofβ¦
8.7
CVE-2025-7551 - Tenda FH1201 PPTPDClient fromPptpUserAdd stack-based overflow
A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been declared as critical. Affected by this vulnerability is the function fromPptpUserAdd of the file /goform/PPTPDClient. The manipulation of the argument modino/username leads to stack-based buffer overflow. The attack can be launcheβ¦
8.7
CVE-2025-7550 - Tenda FH1201 GstDhcpSetSer fromGstDhcpSetSer stack-based overflow
A vulnerability was found in Tenda FH1201 1.2.0.14(408). It has been classified as critical. Affected is the function fromGstDhcpSetSer of the file /goform/GstDhcpSetSer. The manipulation of the argument dips leads to stack-based buffer overflow. It is possible to launch the attack remotely. The exβ¦
8.7
CVE-2025-7549 - Tenda FH1201 L7Prot frmL7ProtForm stack-based overflow
A vulnerability was found in Tenda FH1201 1.2.0.14(408) and classified as critical. This issue affects the function frmL7ProtForm of the file /goform/L7Prot. The manipulation of the argument page leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been discloβ¦
8.7
CVE-2025-7548 - Tenda FH1201 SafeEmailFilter formSafeEmailFilter stack-based overflow
A vulnerability has been found in Tenda FH1201 1.2.0.14(408) and classified as critical. This vulnerability affects the function formSafeEmailFilter of the file /goform/SafeEmailFilter. The manipulation of the argument page leads to stack-based buffer overflow. The attack can be initiated remotely.β¦
3.7
CVE-2025-1220 - Null byte termination in hostnames
In PHP versions:8.1.* before 8.1.33, 8.2.* before 8.2.29, 8.3.* before 8.3.23, 8.4.* before 8.4.10 some functions like fsockopen() lack validation that the hostname supplied does not contain null characters. This may lead to other functions like parse_url() treat the hostname in different way, thusβ¦
6.9
CVE-2025-7547 - Campcodes Online Movie Theater Seat Reservation System admin_class.php save_movie unrestricted uploβ¦
A vulnerability, which was classified as critical, was found in Campcodes Online Movie Theater Seat Reservation System 1.0. This affects the function save_movie of the file /admin/admin_class.php. The manipulation of the argument cover leads to unrestricted upload. It is possible to initiate the atβ¦