110 matches found
EUVD-2026-0298
This CVE ID was rejected because it was reserved but not used for a vulnerability disclosure...
CVE-2023-47802
A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the IP block functionality. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following mode...
CVE-2020-0298
In Bluetooth, there is a possible control over Bluetooth enabled state due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-11. Android ID...
CVE-1999-0298
ypbind with -ypset and -ypsetme options activated in Linux Slackware and SunOS allows local and remote attackers to overwrite files via a .. (dot dot) attack...
Azure Linux 3.0 Security Update: kernel (CVE-2010-0298)
The version of kernel installed on the remote Azure Linux 3.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2010-0298 advisory. - The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in...
CVE-2025-0298
creationtimestamp | type | source
---|---|---
2025-01-07 16:17:08+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62dt63b622
2025-01-07 17:42:42+00:00 | published-proof-of-concept | https://t.me/DarkWebInformerCVEAlerts/499...
CVE-2025-0298
A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical. This issue affects some unknown processing of the file /process_login.php. The manipulation of the argument usernm leads to sql injection. The attack may be initiated remotely. The exploit has been...
CVE-2025-0298 code-projects Online Book Shop process_login.php sql injection
A vulnerability was found in code-projects Online Book Shop 1.0. It has been rated as critical. This issue affects some unknown processing of the file /process_login.php. The manipulation of the argument usernm leads to sql injection. The attack may be initiated remotely. The exploit has been...
CBL Mariner 2.0 Security Update: kernel (CVE-2010-0298)
The version of kernel installed on the remote CBL Mariner 2.0 host is prior to the tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2010-0298 advisory. - The x86 emulator in KVM 83 does not use the Current Privilege Level (CPL) and I/O Privilege Level (IOPL) in...
CVE-2010-0298 affecting package kernel for versions less than 6.6.35.1-1
CVE-2010-0298 affecting package kernel for versions less than 6.6.35.1-1. A patched version of the package is available...
Photon OS 4.0: Nodejs PHSA-2022-4.0-0298
An update of the nodejs package has been released. (C) Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-4.0-0298. The text itself is copyright (C) VMware, Inc...
CVE-2024-39351
A vulnerability regarding improper neutralization of special elements used in an OS command ('OS Command Injection') is found in the NTP configuration. This allows remote authenticated users with administrator privileges to execute arbitrary commands via unspecified vectors. The following models wi...
CVE-2023-47803
A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path Traversal') is found in the Language Settings functionality. This allows remote attackers to read specific files containing non-sensitive information via unspecified vectors. The following models with...
CVE-2024-0298
creationtimestamp | type | source
---|---|---
2024-01-08 06:27:09+00:00 | seen | https://t.me/ctinow/164211
2024-01-11 19:31:47+00:00 | seen | https://t.me/ctinow/166749
2024-01-25 09:11:58+00:00 | seen | https://t.me/ctinow/173332...
CVE-2024-0298
The CVE-2024-0298 entry describes a command-injection vulnerability in Totolink N200RE (version 9.3.5u.6139_B20201216) affecting the /cgi-bin/cstecgi.cgi endpoint. Input parameter ip in setDiagnosisCfg can be manipulated to execute OS commands, with remote exploitation described as possible. Publ...
CVE-2024-0298 Totolink N200RE cstecgi.cgi setDiagnosisCfg os command injection
A vulnerability was found in Totolink N200RE 9.3.5u.6139_B20201216. It has been classified as critical. Affected is the function setDiagnosisCfg of the file /cgi-bin/cstecgi.cgi. The manipulation of the argument ip leads to os command injection. It is possible to launch the attack remotely. The...
Mageia: Security Advisory (MGASA-2023-0298)
The remote host is missing an update for the... SPDX-FileCopyrightText: 2023 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Cisco FXOS Software and UCS Fabric Interconnect Web UI Denial of Service (CVE-2018-0298)
A vulnerability in the web UI of Cisco FXOS and Cisco UCS Fabric Interconnect Software could allow an unauthenticated, remote attacker to cause a buffer overflow on an affected system. The vulnerability is due to incorrect input validation in the web UI. An attacker could exploit this vulnerabili...
Debian: Security Advisory (DSA-1996-1)
The remote host is missing an update for the Debian...
Debian: Security Advisory (DSA-2010-1)
The remote host is missing an update for the Debian...