Vuldb Updates

A vulnerability was found in Campcodes Online Water Billing System 1.0. It has been rated as critical. Affected is an unknown function of the file /editecex.php. This manipulation of the argument ID causes sql injection. This vulnerability is registered as CVE-2025-9423. Remote exploitation of the attack is possible. Furthermore, an exploit is available.

A vulnerability marked as critical has been reported in SAIL Image Decoding Library 0.9.8. This impacts an unknown function of the component BMPv3 Image Decoder. Performing manipulation results in integer overflow to buffer overflow. This vulnerability is reported as CVE-2025-32468. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability has been found in SAIL Image Decoding Library 0.9.8 and classified as critical. This issue affects some unknown processing of the component PCX Image Decoder. Performing manipulation results in heap-based buffer overflow. This vulnerability was named CVE-2025-35984. The attack may be initiated remotely. There is no available exploit.

A vulnerability was found in SAIL Image Decoding Library 0.9.8 and classified as critical. Impacted is an unknown function of the component BMPv3 Palette Decoder. Executing manipulation can lead to integer overflow to buffer overflow. The identification of this vulnerability is CVE-2025-46407. The attack may be launched remotely. There is no exploit available.

A vulnerability was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. It has been classified as critical. This impacts an unknown function of the component GET Handler. This manipulation causes command injection. The identification of this vulnerability is CVE-2025-29519. It is possible to initiate the attack remotely. There is no exploit available.

A vulnerability labeled as critical has been found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. This vulnerability affects unknown code of the component Maintenance Module. The manipulation results in improper access controls. This vulnerability is cataloged as CVE-2025-29520. The attack may be launched remotely. There is no exploit available.

A vulnerability described as very critical has been identified in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. Impacted is an unknown function. Such manipulation leads to use of default credentials. This vulnerability is documented as CVE-2025-29521. The attack can be executed remotely. There is not any exploit available.

A vulnerability classified as critical was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. The impacted element is the function ping. Executing manipulation can lead to command injection. This vulnerability appears as CVE-2025-29522. The attack may be performed from remote. There is no available exploit.

A vulnerability classified as critical has been found in Biosig libbiosig 3.9.0. This vulnerability affects unknown code of the file biosig.c of the component MFER Parser. This manipulation causes stack-based buffer overflow. This vulnerability appears as CVE-2025-54489. The attack may be initiated remotely. There is no available exploit.

A vulnerability classified as critical was found in Biosig libbiosig 3.9.0. This issue affects some unknown processing of the file biosig.c of the component MFER Parser. Such manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2025-54490. The attack may be launched remotely. There is no exploit available.

A vulnerability, which was classified as critical, has been found in Biosig libbiosig 3.9.0. Impacted is an unknown function of the file biosig.c of the component MFER Parser. Performing manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2025-54491. Remote exploitation of the attack is possible. No exploit is available.

A vulnerability, which was classified as critical, was found in Biosig libbiosig 3.9.0. The affected element is an unknown function of the file biosig.c of the component MFER Parser. Executing manipulation can lead to stack-based buffer overflow. This vulnerability is handled as CVE-2025-54492. The attack can be executed remotely. There is not any exploit available.

A vulnerability has been found in Biosig libbiosig 3.9.0 and classified as critical. The impacted element is an unknown function of the file biosig.c of the component MFER Parser. The manipulation leads to stack-based buffer overflow. This vulnerability is uniquely identified as CVE-2025-54493. The attack is possible to be carried out remotely. No exploit exists.

A vulnerability was found in Biosig libbiosig 3.9.0 and classified as critical. This affects an unknown function of the file biosig.c of the component MFER Parser. The manipulation results in stack-based buffer overflow. This vulnerability was named CVE-2025-54494. The attack may be performed from remote. There is no available exploit.

A vulnerability, which was classified as critical, has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The affected element is the function ipRangeBlockManageRule of the file /goform/ipRangeBlockManageRule. Performing manipulation of the argument ipRangeBlockRuleName/scheduleIp/ipRangeBlockRuleIpAddr results in stack-based buffer overflow. This vulnerability was named CVE-2025-9361. The attack may be initiated remotely. In addition, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability, which was classified as critical, was found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. The impacted element is the function urlFilterManageRule of the file /goform/urlFilterManageRule. Executing manipulation of the argument urlFilterRuleName/scheduleUrl/addURLFilter can lead to stack-based buffer overflow. The identification of this vulnerability is CVE-2025-9362. The attack may be launched remotely. There is no exploit available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability has been found in Linksys RE6250, RE6300, RE6350, RE6500, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001 and classified as critical. This affects the function portTriggerManageRule of the file /goform/portTriggerManageRule. The manipulation of the argument triggerRuleName/schedule leads to stack-based buffer overflow. This vulnerability is referenced as CVE-2025-9363. Remote exploitation of the attack is possible. Furthermore, an exploit is available. The vendor was contacted early about this disclosure but did not respond in any way.

A vulnerability was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. It has been declared as critical. Affected is an unknown function of the file config.xgi of the component Web Request Handler. Such manipulation leads to improper access controls. This vulnerability is referenced as CVE-2025-29514. It is possible to launch the attack remotely. No exploit is available.

A vulnerability was found in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. It has been rated as critical. Affected by this vulnerability is an unknown functionality of the file DELT_file.xgi of the component XML Database Handler. Performing manipulation results in improper access controls. This vulnerability is identified as CVE-2025-29515. The attack can be initiated remotely. There is not any exploit available.

A vulnerability categorized as critical has been discovered in D-Link DSL-7740C DSL7740C.V6.TR069.20211230. Affected by this issue is some unknown functionality of the component Backup Handler. Executing manipulation can lead to command injection. This vulnerability is tracked as CVE-2025-29516. The attack can be launched remotely. No exploit exists.