0.0
CVE-2026-31017 - SSRF in ERPNext PDF Rendering Allows Server‑Side Requests
A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generating PDFs from user-controlled HTML content, the application a…
5.2
CVE-2026-32591 - Mirror-registry: quay: server-side request forgery in proxy cache upstream registry configuration
A flaw was found in Red Hat Quay's Proxy Cache configuration feature. When an organization administrator configures an upstream registry for proxy caching, Quay makes a network connection to the specified registry hostname without verifying that it points to a legitimate external service. An attack…
7.5
CVE-2025-50645 - Buffer Overflow in D‑Link DI‑8003 pppoe_list_opt.asp Endpoint
A vulnerability has been discovered in D-Link DI-8003 16.07.26A1, which can lead to a buffer overflow when the s parameter in the pppoe_list_opt.asp endpoint is manipulated. By sending a crafted request with an excessively large value for the s parameter, an attacker can trigger a buffer overflow c…
7.5
CVE-2025-50664 - Buffer Overflow in D‑Link DI‑8003 /user_group.asp Allows Remote Code Execution
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /user_group.asp endpoint. The attacker can exploit this vulnerability by sending a crafted HTTP GET request with parameters name, mem, pri, and attr.
7.5
CVE-2025-50663 - Buffer Overflow in D‑Link DI‑8003 /usb_paswd.asp Endpoint
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /usb_paswd.asp endpoint.
7.5
CVE-2025-50662 - Buffer Overflow in D‑Link DI‑8003 Web Interface Allows Remote Code Execution
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of the name parameter in the /url_group.asp endpoint.
0.0
CVE-2026-30080 - OpenAirInterface 2.2.0 Security Mode Complete Accepts IA0 Leading to Replay Attack
OpenAirInterface v2.2.0 accepts Security Mode Complete without any integrity protection. Configuration has supported integrity NIA1 and NIA2. But if an UE sends initial registration request with only security capability IA0, OpenAirInterface accepts and proceeds. This downgrade security context can…
7.5
CVE-2025-50671 - Buffer Overflow in D‑Link DI‑8003 /xwgl_ref.asp Allows Remote Attack
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper handling of parameters in the /xwgl_ref.asp endpoint. An attacker can exploit this vulnerability by sending a crafted HTTP GET request with excessively long strings in parameters name, en, user_id, shibie_name, time…
7.5
CVE-2025-50644 - Buffer Overflow in D‑Link DI‑8003 qj.asp Endpoint Enables Remote Code Execution
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 due to improper validation of user input in the qj.asp endpoint.
7.5
CVE-2025-50669 - Buffer Overflow in D‑Link DI‑8003/DI‑8003G via Wan_Ping Parameter
A buffer overflow vulnerability exists in D-Link DI-8003 16.07.26A1 and DI-8003G 19.12.10A1 due to improper handling of the wan_ping parameter in the /wan_ping.asp endpoint.