Vulnerabilities

DATE	CVE	VULNERABILITY TITLE	RISK
2025-01-16	CVE-2024-57575	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the ssid parameter in the form_fast_setting_wifi_set function. network low complexity tenda CWE-787 critical	9.8
2025-01-16	CVE-2024-57577	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function. low complexity tenda CWE-787	5.7
2025-01-16	CVE-2024-57578	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the funcpara1 parameter in the formSetCfm function. low complexity tenda CWE-787	8.8
2025-01-16	CVE-2024-57579	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the limitSpeedUp parameter in the formSetClientState function. network low complexity tenda CWE-787 critical	9.8
2025-01-16	CVE-2024-57580	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the devName parameter in the formSetDeviceName function. network low complexity tenda CWE-787 critical	9.8
2025-01-16	CVE-2024-57581	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the firewallEn parameter in the formSetFirewallCfg function. network low complexity tenda CWE-787 critical	9.8
2025-01-16	CVE-2024-57582	Out-of-bounds Write vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a stack overflow via the startIP parameter in the formSetPPTPServer function. network low complexity tenda CWE-787 critical	9.8
2025-01-16	CVE-2024-57583	Command Injection vulnerability in Tenda Ac18 Firmware 15.03.05.19 Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the usbName parameter in the formSetSambaConf function. network low complexity tenda CWE-77 critical	9.8
2025-01-16	CVE-2024-41746	IBM CICS TX Advanced 10.1, 11.1, and Standard 11.1 is vulnerable to stored cross-site scripting. network low complexity CWE-79	7.2
2025-01-16	CVE-2024-57769	SQL Injection vulnerability in Jfinaloa Project Jfinaloa JFinalOA before v2025.01.01 was discovered to contain a SQL injection vulnerability via the component borrowmoney/listData?applyUser. network low complexity jfinaloa-project CWE-89	8.8

Vulnerabilities {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities"}]}

Vulnerabilities