8.7
CVE-2025-5795 - Tenda AC5 AdvSetLanip fromadvsetlanip buffer overflow
A vulnerability, which was classified as critical, was found in Tenda AC5 1.0/15.03.06.47. This affects the function fromadvsetlanip of the file /goform/AdvSetLanip. The manipulation of the argument lanMask leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has beโฆ
8.7
CVE-2025-5794 - Tenda AC5 setPptpUserList formSetPPTPUserList buffer overflow
A vulnerability, which was classified as critical, has been found in Tenda AC5 15.03.06.47. Affected by this issue is the function formSetPPTPUserList of the file /goform/setPptpUserList. The manipulation of the argument list leads to buffer overflow. The attack may be launched remotely. The exploiโฆ
8.7
CVE-2025-5793 - TOTOLINK EX1200T HTTP POST Request formPortFw buffer overflow
A vulnerability, which was classified as critical, was found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. Affected is an unknown function of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possible โฆ
8.7
CVE-2025-5792 - TOTOLINK EX1200T HTTP POST Request formWlanRedirect buffer overflow
A vulnerability, which was classified as critical, has been found in TOTOLINK EX1200T 4.1.2cu.5232_B20210713. This issue affects some unknown processing of the file /boafrm/formWlanRedirect of the component HTTP POST Request Handler. The manipulation of the argument redirect-url leads to buffer oveโฆ
3.7
CVE-2025-49011 - SpiceDB checks involving relations with caveats can result in no permission when permission is expeโฆ
SpiceDB is an open source database for storing and querying fine-grained authorization data. Prior to version 1.44.2, on schemas involving arrows with caveats on the arrowโed relation, when the path to resolve a CheckPermission request involves the evaluation of multiple caveated branches, requestsโฆ
7.5
CVE-2025-47950 - CoreDNS Vulnerable to DoQ Memory Exhaustion via Stream Amplification
CoreDNS is a DNS server that chains plugins. In versions prior to 1.12.2, a Denial of Service (DoS) vulnerability exists in the CoreDNS DNS-over-QUIC (DoQ) server implementation. The server previously created a new goroutine for every incoming QUIC stream without imposing any limits on the number oโฆ
8.7
CVE-2025-5790 - TOTOLINK X15 HTTP POST Request formIpQoS buffer overflow
A vulnerability classified as critical was found in TOTOLINK X15 1.0.0-B20230714.1105. This vulnerability affects unknown code of the file /boafrm/formIpQoS of the component HTTP POST Request Handler. The manipulation of the argument mac leads to buffer overflow. The attack can be initiated remotelโฆ
8.7
CVE-2025-5789 - TOTOLINK X15 HTTP POST Request formPortFw buffer overflow
A vulnerability classified as critical has been found in TOTOLINK X15 1.0.0-B20230714.1105. This affects an unknown part of the file /boafrm/formPortFw of the component HTTP POST Request Handler. The manipulation of the argument service_type leads to buffer overflow. It is possible to initiate the โฆ
8.7
CVE-2025-5788 - TOTOLINK X15 HTTP POST Request formReflashClientTbl buffer overflow
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been rated as critical. Affected by this issue is some unknown functionality of the file /boafrm/formReflashClientTbl of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflโฆ
8.7
CVE-2025-5787 - TOTOLINK X15 HTTP POST Request formWsc buffer overflow
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /boafrm/formWsc of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. โฆ