Common Vulnerabilities and Exposures (CVE)

CVE-2025-14656

Feb 24, 2026 05:50:18 UTC

A weakness has been identified in Tenda AC20 16.03.08.12. This affects the function httpd of the file /goform/openSchedWifi. Executing a manipulation of the argument schedStartTime/schedEndTime can lead to buffer overflow. The attack may be...

CVE-2025-14655

Feb 24, 2026 05:50:00 UTC

A security flaw has been discovered in Tenda AC20 16.03.08.12. The impacted element is the function formSetRebootTimer of the file /goform/SetSysAutoRebbotCfg of the component httpd. Performing a manipulation of the argument rebootTime resu...

CVE-2025-14654

Feb 24, 2026 05:49:45 UTC

A vulnerability was identified in Tenda AC20 16.03.08.12. The affected element is the function formSetPPTPUserList of the file /goform/setPptpUserList of the component httpd. Such manipulation of the argument list leads to stack-based buffe...

CVE-2025-14648

Feb 24, 2026 05:49:31 UTC

A security vulnerability has been detected in DedeBIZ up to 6.5.9. Affected by this vulnerability is an unknown functionality of the file /src/admin/catalog_add.php. Such manipulation leads to command injection. It is possible to launch the...

CVE-2025-14636

Feb 24, 2026 05:49:20 UTC

A security flaw has been discovered in Tenda AX9 22.03.01.46. This affects the function image_check of the component httpd. The manipulation results in use of weak hash. It is possible to launch the attack remotely. A high complexity level ...

CVE-2025-14607

Feb 24, 2026 05:49:06 UTC

A vulnerability was detected in OFFIS DCMTK up to 3.6.9. Affected by this issue is the function DcmByteString::makeDicomByteString of the file dcmdata/libsrc/dcbytstr.cc of the component dcmdata. The manipulation results in memory corruptio...

CVE-2025-14590

Feb 24, 2026 05:48:52 UTC

A security vulnerability has been detected in code-projects Prison Management System 2.0. Impacted is an unknown function of the file /admin/search1.php. The manipulation of the argument keyname leads to sql injection. It is possible to ini...

CVE-2025-14589

Feb 24, 2026 05:48:41 UTC

A weakness has been identified in code-projects Prison Management System 2.0. This issue affects some unknown processing of the file /admin/search.php. Executing a manipulation of the argument keyname can lead to sql injection. The attack m...

CVE-2025-14586

Feb 24, 2026 05:48:28 UTC

A vulnerability was determined in TOTOLINK X5000R 9.1.0cu.2089_B20211224. Affected by this issue is the function snprintf of the file /cgi-bin/cstecgi.cgi?action=exportOvpn&type=user. This manipulation of the argument User causes os command...

CVE-2025-14583

Feb 24, 2026 05:48:12 UTC

A flaw has been found in campcodes Online Student Enrollment System 1.0. This impacts an unknown function of the file /admin/register.php. Executing a manipulation of the argument photo can lead to unrestricted upload. The attack can be lau...

CVE-2025-68675

Feb 24, 2026 05:48:05 UTC

In Apache Airflow versions before 3.1.6, and 2.11.1 the proxies and proxy fields within a Connection may include proxy URLs containing embedded authentication information. These fields were not treated as sensitive by default and therefore ...

CVE-2025-14582

Feb 24, 2026 05:48:00 UTC

A vulnerability was detected in campcodes Online Student Enrollment System 1.0. This affects an unknown function of the file /admin/index.php?page=user-profile. Performing a manipulation of the argument userphoto results in unrestricted upl...

CVE-2025-14580

Feb 24, 2026 05:47:47 UTC

A security vulnerability has been detected in Qualitor up to 8.24.73. The impacted element is an unknown function of the file /Qualitor/html/bc/bcdocumento9/biblioteca/request/viewDocumento.php. Such manipulation of the argument cdscript le...

CVE-2025-14571

Feb 24, 2026 05:47:34 UTC

A vulnerability has been found in projectworlds Advanced Library Management System 1.0. Affected by this issue is some unknown functionality of the file /borrow_book.php. Such manipulation of the argument roll_number leads to sql injection....

CVE-2025-14570

Feb 24, 2026 05:47:22 UTC

A flaw has been found in projectworlds Advanced Library Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /view_admin.php. This manipulation of the argument admin_id causes sql injection. The atta...