9.1
CVE-2025-15102 - DVP-12SE11T - Password Protection Bypass
DVP-12SE11T - Password Protection Bypass
8.7
CVE-2025-15234 - Tenda M3 setInternetLanInfo formSetRemoteInternetLanInfo heap-based overflow
A weakness has been identified in Tenda M3 1.0.0.13(4903). Impacted is the function formSetRemoteInternetLanInfo of the file /goform/setInternetLanInfo. This manipulation of the argument portIp/portMask/portGateWay/portDns/portSecDns causes heap-based buffer overflow. It is possible to initiate theโฆ
8.7
CVE-2025-15233 - Tenda M3 setAdInfoDetail formSetAdInfoDetails heap-based overflow
A security flaw has been discovered in Tenda M3 1.0.0.13(4903). This issue affects the function formSetAdInfoDetails of the file /goform/setAdInfoDetail. The manipulation of the argument adName/smsPassword/smsAccount/weixinAccount/weixinName/smsSignature/adRedirectUrl/adCopyRight/smsContent/adItemUโฆ
5.1
CVE-2025-15355 - NetVision Information๏ฝISOinsight - Reflected Cross-site Scripting
ISOinsight developed by NetVision Information has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript codes in user's browser through phishing attacks.
8.7
CVE-2025-15232 - Tenda M3 setAdPushInfo formSetAdPushInfo stack-based overflow
A vulnerability was identified in Tenda M3 1.0.0.13(4903). This vulnerability affects the function formSetAdPushInfo of the file /goform/setAdPushInfo. The manipulation of the argument mac/terminal leads to stack-based buffer overflow. The attack is possible to be carried out remotely. The exploit โฆ
8.7
CVE-2025-15231 - Tenda M3 setVlanInfo formSetRemoteVlanInfo stack-based overflow
A vulnerability was determined in Tenda M3 1.0.0.13(4903). This affects the function formSetRemoteVlanInfo of the file /goform/setVlanInfo. Executing a manipulation of the argument ID/vlan/port can lead to stack-based buffer overflow. The attack can be executed remotely. The exploit has been publicโฆ
8.7
CVE-2025-15230 - Tenda M3 setVlanPolicyData formSetVlanPolicy heap-based overflow
A vulnerability was found in Tenda M3 1.0.0.13(4903). Affected by this issue is the function formSetVlanPolicy of the file /goform/setVlanPolicyData. Performing a manipulation of the argument qvlan_truck_port results in heap-based buffer overflow. Remote exploitation of the attack is possible. The โฆ
6.9
CVE-2025-15229 - Tenda CH22 DhcpListClient fromDhcpListClient denial of service
A vulnerability has been found in Tenda CH22 up to 1.0.0.1. Affected by this vulnerability is the function fromDhcpListClient of the file /goform/DhcpListClient. Such manipulation of the argument LISTLEN leads to denial of service. The attack may be launched remotely. The exploit has been disclosedโฆ
6.1
CVE-2025-14313 - Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via taxo_ajax
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin
6.1
CVE-2025-14312 - Advance WP Query Search Filter <= 1.0.10 - Reflected XSS via counter
The Advance WP Query Search Filter WordPress plugin through 1.0.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin