0.0
CVE-2026-41604 - Apache Thrift: Swift Range crash in skip()
Out-of-bounds Read vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
0.0
CVE-2026-41603 - Apache Thrift: Java TSSLTransportFactory hostname verification
Improper Validation of Certificate with Host Mismatch vulnerability in Apache Thrift. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
0.0
CVE-2026-41602 - Apache Thrift: Go TFramedTransport uint32 overflow
Integer Overflow or Wraparound vulnerability in Apache Thrift TFramedTransport Go language implementation This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue.
0.0
CVE-2025-48431 - Apache Thrift: Specially crafted input can crash a c_glib Thrift server with invalid pointer error.
Mismatched Memory Management Routines vulnerability in Apache Thrift c_glib language bindings. This issue affects Apache Thrift: before 0.23.0. Users are recommended to upgrade to version 0.23.0, which fixes the issue. Description: Specially crafted requests can crash an c_glib-based Thrift servβ¦
9.3
CVE-2026-7248 - D-Link DI-8100 CGI Endpoint tgfile.htm tgfile_htm buffer overflow
A vulnerability was found in D-Link DI-8100 16.07.26A1. This affects the function tgfile_htm of the file tgfile.htm of the component CGI Endpoint. The manipulation of the argument fn results in buffer overflow. The attack can be executed remotely. The exploit has been made public and could be used.
8.6
CVE-2026-7247 - D-Link DI-8100 File Extension file_exten.asp file_exten_asp buffer overflow
A vulnerability has been found in D-Link DI-8100 16.07.26A1. Affected by this issue is the function file_exten_asp of the file file_exten.asp of the component File Extension Handler. The manipulation of the argument Name leads to buffer overflow. Remote exploitation of the attack is possible. The eβ¦
9.3
CVE-2026-7244 - Totolink A8000RU CGI cstecgi.cgi setWiFiEasyGuestCfg os command injection
A security flaw has been discovered in Totolink A8000RU 7.1cu.643_b20200521. The impacted element is the function setWiFiEasyGuestCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument merge results in os command injection. It is possible to launch the aβ¦
9.3
CVE-2026-7243 - Totolink A8000RU CGI cstecgi.cgi setRadvdCfg os command injection
A vulnerability was identified in Totolink A8000RU 7.1cu.643_b20200521. The affected element is the function setRadvdCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. The manipulation of the argument maxRtrAdvInterval leads to os command injection. It is possible to initiate the atβ¦
0.0
CVE-2025-10539 - Improper TLS Certificate Validation RCE via Malicious Update in DeskTime Time Tracking App
Due to improper TLS certificate validation in the DeskTime Time Tracking App before version 1.3.674, attackers who can position themselves in the network path between the client and the DeskTime update servers can return a malicious executable in response to an update request. This allows the attacβ¦
9.3
CVE-2026-7242 - Totolink A8000RU CGI cstecgi.cgi setOpenVpnClientCfg os command injection
A vulnerability was determined in Totolink A8000RU 7.1cu.643_b20200521. Impacted is the function setOpenVpnClientCfg of the file /cgi-bin/cstecgi.cgi of the component CGI Handler. Executing a manipulation of the argument enabled can lead to os command injection. The attack may be performed from remβ¦