Aggregator

CVE-2025-6401 | TOTOLINK N300RH 6.1c.1390_B20191101 HTTP POST Message /boafrm/formFilter url denial of service

9 months 3 weeks ago

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101. It has been classified as problematic. This affects an unknown part of the file /boafrm/formFilter of the component HTTP POST Message Handler. The manipulation of the argument url leads to denial of service. This vulnerability is uniquely identified as CVE-2025-6401. Access to the local network is required for this attack. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-6400 | TOTOLINK N300RH 6.1c.1390_B20191101 HTTP POST Message /boafrm/formPortFw service_type buffer overflow

VulDB Recent Entries

9 months 3 weeks ago

A vulnerability was found in TOTOLINK N300RH 6.1c.1390_B20191101 and classified as critical. Affected by this issue is some unknown functionality of the file /boafrm/formPortFw of the component HTTP POST Message Handler. The manipulation of the argument service_type leads to buffer overflow. This vulnerability is handled as CVE-2025-6400. The attack may be launched remotely. Furthermore, there is an exploit available.

vuldb.com

CVE-2025-4981 | Mattermost up to 9.11.15/10.5.5/10.6.5/10.7.2/10.8.0 uncontrolled search path

VulDB Recent Entries

9 months 3 weeks ago

A vulnerability has been found in Mattermost up to 9.11.15/10.5.5/10.6.5/10.7.2/10.8.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to uncontrolled search path. This vulnerability is known as CVE-2025-4981. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Submit #597758: code-projects School Fees Payment System 1.0 SQL Injection [Accepted]

Vuldb Submit

9 months 3 weeks ago

Submit #597758 / VDB-313397

DS_Leo

CVE-2025-6399 | TOTOLINK X15 1.0.0-B20230714.1105 HTTP POST Request /boafrm/formIPv6Addr submit-url buffer overflow

VulDB Recent Entries

9 months 3 weeks ago

A vulnerability, which was classified as critical, was found in TOTOLINK X15 1.0.0-B20230714.1105. Affected is an unknown function of the file /boafrm/formIPv6Addr of the component HTTP POST Request Handler. The manipulation of the argument submit-url leads to buffer overflow. This vulnerability is traded as CVE-2025-6399. It is possible to launch the attack remotely. Furthermore, there is an exploit available.

vuldb.com

Submit #597693: TOTOLINK X15 V1.0.0-B20230714.1105 Buffer Overflow [Accepted]

Vuldb Submit

9 months 3 weeks ago

Submit #597693 / VDB-313396

yuhongxiang

CVE-2025-5255 | Core.ai Phoenix Code up to 4.0.3 com.apple.security.cs.disable-library-validation DYLD_INSERT_LIBRARIES default permission

VulDB Recent Entries

9 months 3 weeks ago

A vulnerability, which was classified as critical, has been found in Core.ai Phoenix Code up to 4.0.3. This issue affects some unknown processing of the component com.apple.security.cs.disable-library-validation. The manipulation of the argument DYLD_INSERT_LIBRARIES leads to incorrect default permissions. The identification of this vulnerability is CVE-2025-5255. An attack has to be approached locally. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

GodFather Android Malware Uses On-Device Virtualization to Hijack Legitimate Banking Apps

GBHackers on Security | #1 Globally Trusted Cyber Security News Platform

9 months 3 weeks ago

Zimperium zLabs has uncovered a highly advanced iteration of the GodFather Android banking malware, which employs a groundbreaking on-device virtualization technique to compromise legitimate mobile banking and cryptocurrency applications. Unlike traditional overlay attacks that merely mimic login screens, this malware creates a fully isolated virtual environment on the victim’s device, enabling attackers to monitor and […]

The post GodFather Android Malware Uses On-Device Virtualization to Hijack Legitimate Banking Apps appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Submit #597688: TOTOLINK N300RH_V4 V6.1c.1390_B20191101 Buffer Overflow [Accepted]

Vuldb Submit

9 months 3 weeks ago

Submit #597688 / VDB-313395

yuhongxiang

Submit #597687: TOTOLINK N300RH_V4 V6.1c.1390_B20191101 Buffer Overflow [Accepted]

Vuldb Submit

9 months 3 weeks ago

Submit #597687 / VDB-313394

yuhongxiang

CVE-2025-5963 | Postbox 7.0.65 on macOS com.apple.security.cs.disable-library-validation DYLD_INSERT_LIBRARIES default permission

VulDB Recent Entries

9 months 3 weeks ago

A vulnerability classified as critical was found in Postbox 7.0.65 on macOS. This vulnerability affects unknown code of the component com.apple.security.cs.disable-library-validation. The manipulation of the argument DYLD_INSERT_LIBRARIES leads to incorrect default permissions. This vulnerability only affects products that are no longer supported by the maintainer. This vulnerability was named CVE-2025-5963. The attack needs to be approached locally. There is no exploit available.

vuldb.com