Common Vulnerabilities and Exposures (CVE)

CVE-2025-22907

Jul 7, 2026 16:38:15 UTC

RE11S v1.11 was discovered to contain a stack overflow via the selSSID parameter in the formWlSiteSurvey function.

CVE-2025-22906

Jul 7, 2026 16:37:57 UTC

RE11S v1.11 was discovered to contain a command injection vulnerability via the L2TPUserName parameter at /goform/setWAN.

CVE-2025-22905

Jul 7, 2026 16:37:39 UTC

RE11S v1.11 was discovered to contain a command injection vulnerability via the command parameter at /goform/mp.

CVE-2025-22904

Jul 7, 2026 16:36:27 UTC

RE11S v1.11 was discovered to contain a stack overflow via the pptpUserName parameter in the setWAN function.

CVE-2024-57483

Jul 7, 2026 16:34:59 UTC

Tenda i24 V2.0.0.5 is vulnerable to Buffer Overflow in the addWifiMacFilter function.

CVE-2024-57473

Jul 7, 2026 16:34:33 UTC

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address editing function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execu...

CVE-2024-57480

Jul 7, 2026 16:33:30 UTC

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the AP configuration function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execute ...

CVE-2024-57479

Jul 7, 2026 16:32:06 UTC

H3C N12 V100R005 contains a buffer overflow vulnerability due to the lack of length verification in the mac address update function. Attackers who successfully exploit this vulnerability can cause the remote target device to crash or execut...

CVE-2024-50660

Jul 7, 2026 16:31:23 UTC

File Upload Bypass was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the file upload functionality

CVE-2024-50659

Jul 7, 2026 16:30:45 UTC

Cross Site Scripting vulnerability iPublish Media Solutions AdPortal 3.0.39 allows a remote attacker to escalate privileges via the shippingAsBilling parameter in updateuserinfo.html.

CVE-2024-50658

Jul 7, 2026 16:30:11 UTC

Server-Side Template Injection (SSTI) was found in AdPortal 3.0.39 allows a remote attacker to execute arbitrary code via the shippingAsBilling and firstname parameters in updateuserinfo.html file

CVE-2024-51112

Jul 7, 2026 16:29:48 UTC

Open Redirect vulnerability in Pnetlab 5.3.11 allows an attacker to manipulate URLs to redirect users to arbitrary external websites via a crafted script

CVE-2024-51111

Jul 7, 2026 16:29:27 UTC

Cross-Site Scripting (XSS) vulnerability in Pnetlab 5.3.11 allows an attacker to inject malicious scripts into a web page, which are executed in the context of the victim's browser.

CVE-2026-56811

Jul 7, 2026 16:14:39 UTC

Allocation of Resources Without Limits or Throttling vulnerability in phoenixframework phoenix (Phoenix.Socket module) allows an unauthenticated attacker to cause a denial of service against any endpoint that mounts a Phoenix socket with a ...

CVE-2026-38976

Jul 7, 2026 16:14:19 UTC

mrubyc through 3.4.1 was found to contain a NULL pointer dereference in src/vm.c in op_super() / OP_SUPER due to a missing runtime guard for top-level super.