Lucene search
K

202 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/28 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2026-53317

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing...

5.5CVSS6AI score0.00114EPSS
Exploits0References4
CVE
CVE
added 2026/06/26 7:41 p.m.10 views

CVE-2026-53317

CVE-2026-53317 concerns the Linux kernel wifi driver stack (mt76/mt7921). A station AID value greater than 20 could trigger a firmware crash on AP interfaces (IFTYPE_AP) when a modified hostapd allocates AIDs starting at a high value (65 in testing). The issue is mitigated by a fix that imposes a...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References4Affected Software1
ATTACKERKB
ATTACKERKB
added 2026/06/26 7:41 p.m.8 views

CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.8AI score0.00114EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2026/06/26 7:41 p.m.4 views

CVE-2026-53317

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: Place upper limit on station AID Any station configured with an AID over 20 causes a firmware crash. This situation occurred in our testing using an AP interface on 7922 hardware, with a modified hostapd,...

5.5CVSS5.8AI score0.00114EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2026/06/26 12:0 a.m.11 views

PT-2026-52956

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A firmware crash occurs in the mt7921 wifi driver when a station is configured with an Association Identifier AID greater than 20. This issue specifically affects IFTYPE AP interfaces an...

5.8AI score0.00114EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/19 4:48 p.m.9 views

EUVD-2017-19006

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS6AI score0.00237EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 4:48 p.m.27 views

CVE-2017-20279 Joomla Payage 2.05 SQL Injection via aid Parameter

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS0.00237EPSS
Exploits0References2
CVE
CVE
added 2026/06/19 4:48 p.m.13 views

CVE-2017-20279

Joomla Payage 2.05 is affected by an SQL injection in the aid parameter used in the make_payment task (unauthenticated access). The vulnerability allows manipulation of database queries, enabling extraction of sensitive data via boolean-based blind or time-based blind techniques. This is supporte...

8.8CVSS6AI score0.00237EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 4:48 p.m.8 views

CVE-2017-20279

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS6AI score0.00237EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.17 views

PT-2026-50960

Name of the Vulnerable Software and Affected Versions Joomla Payage version 2.05 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to the 'index.php' endpoint with malicious...

8.8CVSS6.2AI score0.00237EPSS
Exploits0References6
NVD
NVD
added 2026/06/09 1:16 p.m.12 views

CVE-2017-20247

WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract...

8.8CVSS0.00262EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/06/09 11:48 a.m.12 views

CVE-2017-20247 WordPress Plugin PICA Photo Gallery 1.0 SQL Injection

WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract...

8.8CVSS6.1AI score0.00262EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/06/09 11:48 a.m.32 views

CVE-2017-20247 WordPress Plugin PICA Photo Gallery 1.0 SQL Injection

WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract...

8.8CVSS0.00262EPSS
Exploits0References3
EUVD
EUVD
added 2026/06/09 11:48 a.m.10 views

EUVD-2017-18973

WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract...

8.8CVSS6.1AI score0.00262EPSS
Exploits0References3
CVE
CVE
added 2026/06/09 11:48 a.m.24 views

CVE-2017-20247

CVE-2017-20247 affects the WordPress plugin PICA Photo Gallery 1.0. It describes an SQL injection vulnerability where unauthenticated attackers can inject SQL via the aid parameter in GET requests to retrieve sensitive data (e.g., user credentials, table contents). The CVE notes high impact on co...

8.8CVSS6.1AI score0.00262EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.17 views

PT-2026-47770

WordPress Plugin PICA Photo Gallery 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid parameter. Attackers can send GET requests with crafted SQL payloads in the aid parameter to extract...

8.8CVSS6.1AI score0.00262EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

WordPress plugin PICA Photo Gallery SQL注入漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

8.8CVSS5.8AI score0.00262EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/03 12:0 a.m.15 views

EUVD-2026-34141

Mercusys AC12G EU V1 router with firmware AC12GEUV1200909 discloses kernel memory layout via the UPnP GetStatusInfo action. An unauthenticated attacker on the adjacent network can obtain a raw MIPS KSEG0 kernel pointer, revealing kernel memory layout and aiding further exploitation...

5.8AI score0.00166EPSS
Exploits0References1
NVD
NVD
added 2026/05/30 4:17 p.m.24 views

CVE-2018-25425

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

8.8CVSS0.0027EPSS
Exploits0References4
EUVD
EUVD
added 2026/05/30 2:55 p.m.12 views

EUVD-2018-21947

Yot CMS 3.3.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the aid and cid parameters. Attackers can send GET requests to index.php with crafted SQL payloads in the aid or cid parameters to extra...

8.8CVSS6.2AI score0.0027EPSS
Exploits0References4
Rows per page
Query Builder