Vuldb Updates

A vulnerability has been found in H3C Magic R300 R300-2100MV100R004 and classified as critical. Affected by this issue is the function ipqos_lanip_editlist of the file /goform/aspForm. The manipulation leads to stack-based buffer overflow. This vulnerability is traded as CVE-2023-33636. Access to the local network is required for this attack to succeed. There is no exploit available.

A vulnerability was found in H3C Magic R300 R300-2100MV100R004 and classified as critical. This affects the function DelDNSHnList of the file /goform/aspForm. The manipulation results in stack-based buffer overflow. This vulnerability is known as CVE-2023-33637. Access to the local network is required for this attack. No exploit is available.

A vulnerability, which was classified as critical, has been found in H3C Magic R300 R300-2100MV100R004. Affected is the function EdittriggerList of the file /goform/aspForm. Performing a manipulation results in stack-based buffer overflow. This vulnerability is reported as CVE-2023-33634. The attacker must have access to the local network to execute the attack. No exploit exists.

A vulnerability described as critical has been identified in H3C Magic R300 R300-2100MV100R004. The impacted element is the function DelSTList of the file /goform/aspForm. The manipulation results in stack-based buffer overflow. This vulnerability is cataloged as CVE-2023-33631. The attack must originate from the local network. There is no exploit available.

A vulnerability classified as critical has been found in H3C Magic R300 R300-2100MV100R004. This affects the function ipqos_lanip_dellist of the file /goform/aspForm. This manipulation causes stack-based buffer overflow. This vulnerability is registered as CVE-2023-33632. The attack requires access to the local network. No exploit is available.

A vulnerability classified as critical was found in H3C Magic R300 R300-2100MV100R004. This impacts the function UpdateWanParams of the file /goform/aspForm. Such manipulation leads to stack-based buffer overflow. This vulnerability is documented as CVE-2023-33633. The attack requires being on the local network. There is not any exploit available.

A vulnerability marked as critical has been reported in H3C Magic R300 R300-2100MV100R004. The affected element is the function EditvsList of the file /goform/aspForm. The manipulation leads to stack-based buffer overflow. This vulnerability is listed as CVE-2023-33630. The attack must be carried out from within the local network. There is no available exploit.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.1.148/6.6.102/6.12.43/6.16.3/6.17-rc2. This impacts the function recvmsg. Such manipulation leads to buffer overflow. This vulnerability is uniquely identified as CVE-2025-39682. The attack can only be initiated within the local network. No exploit exists. The affected component should be upgraded.

A vulnerability categorized as critical has been discovered in Linux Kernel up to 6.16.3/6.17-rc2. The impacted element is the function metric_tbl_addr. The manipulation results in null pointer dereference. This vulnerability is known as CVE-2025-39678. Access to the local network is required for this attack. No exploit is available. It is advisable to upgrade the affected component.

A vulnerability marked as critical has been reported in Linux Kernel up to 6.16.3/6.17-rc2. The impacted element is the function ismt_access of the component i2c. This manipulation causes out-of-bounds read. The identification of this vulnerability is CVE-2025-39680. The attack needs to be done within the local network. There is no exploit available. It is suggested to upgrade the affected component.

A vulnerability identified as critical has been detected in Linux Kernel up to 6.6.102/6.12.43/6.16.3/6.17-rc2. This affects the function nvif_vmm_ctor. This manipulation causes memory leak. This vulnerability is handled as CVE-2025-39679. The attack can only be done within the local network. There is not any exploit available. You should upgrade the affected component.

A vulnerability was found in Linux Kernel up to 6.17-rc2. It has been rated as critical. The affected element is the function qla4xxx_get_ep_fwdb. The manipulation leads to null pointer dereference. This vulnerability is traded as CVE-2025-39676. Access to the local network is required for this attack to succeed. There is no exploit available. Upgrading the affected component is advised.

A vulnerability has been found in Linux Kernel up to 6.16.3/6.17-rc2 and classified as critical. Affected is the function qdisc_dequeue_internal of the component sched. The manipulation leads to infinite loop. This vulnerability is documented as CVE-2025-39677. The attack requires being on the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability labeled as critical has been found in Linux Kernel up to 6.17-rc2. The affected element is the function mod_hdcp_hdcp1_create_session. The manipulation results in null pointer dereference. This vulnerability was named CVE-2025-39675. The attack needs to be approached within the local network. There is no available exploit. The affected component should be upgraded.

A vulnerability classified as problematic has been found in SourceCodester API Key Manager App 1.0. Affected by this vulnerability is an unknown functionality of the component Import Key Handler. Performing a manipulation results in cross site scripting. This vulnerability is identified as CVE-2026-0580. The attack can be initiated remotely. Additionally, an exploit exists.

A vulnerability was found in Mozilla Firefox up to 144. It has been classified as problematic. This vulnerability affects unknown code of the component HTML Component. Performing a manipulation results in authentication bypass using alternate channel. This vulnerability is reported as CVE-2025-13013. The attack is possible to be carried out remotely. No exploit exists. Upgrading the affected component is recommended.

A vulnerability identified as critical has been detected in Mozilla Firefox up to 144. The impacted element is an unknown function of the component Audio/Video. This manipulation causes use after free. This vulnerability is handled as CVE-2025-13014. The attack can be initiated remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability classified as critical was found in Exim up to 4.99.0. This issue affects some unknown processing. Executing a manipulation can lead to heap-based buffer overflow. This vulnerability is handled as CVE-2025-67896. The attack can be executed remotely. There is not any exploit available. Upgrading the affected component is advised.

A vulnerability was found in Mozilla Firefox up to 144. It has been declared as problematic. This issue affects some unknown processing of the component Graphics. Executing a manipulation can lead to race condition. This vulnerability appears as CVE-2025-13012. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in GIMP. Affected by this issue is some unknown functionality of the component LBM File Parser. This manipulation causes stack-based buffer overflow. This vulnerability is handled as CVE-2025-14423. The attack can be initiated remotely. There is not any exploit available. It is advisable to upgrade the affected component.