Common Vulnerabilities and Exposures (CVE)

CVE-2023-50989

Jul 9, 2026 00:29:24 UTC

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the pingSet function.

CVE-2023-50988

Jul 9, 2026 00:29:22 UTC

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the bandwidth parameter in the wifiRadioSetIndoor function.

CVE-2023-50987

Jul 9, 2026 00:29:21 UTC

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysTimeInfoSet function.

CVE-2023-50986

Jul 9, 2026 00:29:20 UTC

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the time parameter in the sysLogin function.

CVE-2023-50985

Jul 9, 2026 00:29:19 UTC

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the lanGw parameter in the lanCfgSet function.

CVE-2023-50984

Jul 9, 2026 00:29:17 UTC

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a buffer overflow via the ip parameter in the spdtstConfigAndStart function.

CVE-2023-50983

Jul 9, 2026 00:29:16 UTC

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the sysScheduleRebootSet function.

CVE-2023-50651

Jul 9, 2026 00:29:15 UTC

TOTOLINK X6000R v9.4.0cu.852_B20230719 was discovered to contain a remote command execution (RCE) vulnerability via the component /cgi-bin/cstecgi.cgi.

CVE-2023-50643

Jul 9, 2026 00:29:14 UTC

An issue in Evernote Evernote for MacOS v.10.68.2 allows a remote attacker to execute arbitrary code via the RunAsNode and enableNodeClilnspectArguments components.

CVE-2023-50470

Jul 9, 2026 00:29:13 UTC

A cross-site scripting (XSS) vulnerability in the component admin_ Video.php of SeaCMS v12.8 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVE-2023-50128

Jul 9, 2026 00:29:11 UTC

The remote keyless system of the Hozard alarm system (alarmsystemen) v1.0 sends an identical radio frequency signal for each request, which results in an attacker being able to conduct replay attacks to bring the alarm system to a disarmed ...

CVE-2023-49494

Jul 9, 2026 00:29:10 UTC

DedeCMS v5.7.111 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component select_media_post_wangEditor.php.

CVE-2023-48940

Jul 9, 2026 00:29:09 UTC

A stored cross-site scripting (XSS) vulnerability in /admin.php of DaiCuo v2.5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.

CVE-2023-48194

Jul 9, 2026 00:29:08 UTC

Vulnerability in Tenda AC8v4 .V16.03.34.09 due to sscanf and the last digit of s8 being overwritten with \x0. After executing set_client_qos, control over the gp register can be obtained.

CVE-2023-48193

Jul 9, 2026 00:29:06 UTC

Insecure Permissions vulnerability in JumpServer GPLv3 v.3.8.0 allows a remote attacker to execute arbitrary code via bypassing the command filtering function. NOTE: this is disputed because command filtering is not intended to restrict wha...