CVE-2021-0581

In wifi driver, there is a possible out of bounds read due to a missing bounds check. This could lead to remote information disclosure to a proximal attacker with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroi...

CVE-2026-0581

creationtimestamp| type| source ---|---|--- 2026-01-05 10:02:34+00:00| published-proof-of-concept| Telegram/UCM3N0VAiIL0X9q05DMaRnnlz6r5GWtUQVOA9u8gPZf080...

CVE-2026-0581 Tenda AC1206 httpd BehaviorManager formBehaviorManager command injection

A vulnerability was determined in Tenda AC1206 15.03.06.23. Affected by this issue is the function formBehaviorManager of the file /goform/BehaviorManager of the component httpd. Executing a manipulation of the argument modulename/option/data/switch can lead to command injection. The attack can b...

TencentOS Server 4: glibc (TSSA-2024:0581)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0581 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

CVE-2025-0581

A vulnerability classified as problematic has been found in CampCodes School Management Software 1.0. This affects an unknown part of the file /chat/group/send of the component Chat History. The manipulation of the argument message leads to cross site scripting. It is possible to initiate the...

CVE-2025-0581

CVE-2025-0581 affects CampCodes School Management Software v1.0, specifically the /chat/group/send endpoint in the Chat History component. The root cause is manipulation of the message parameter enabling cross-site scripting (XSS), with remote exploitation and a publicly disclosed exploit. Severa...

CVE-2024-0581

creationtimestamp| type| source ---|---|--- 2024-02-06 08:41:14+00:00| seen| https://t.me/ctinow/179832...

CVE-2024-0581 Uncontrolled Resource Consumption vulnerability on Sandsprite scdbg

An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this...

CVE-2024-0581

CVE-2024-0581—Sandsprite Scdbg.exe (version 1.0) shows an Uncontrolled Resource Consumption vulnerability where a crafted payload sent to the “/foff” parameter can cause the application to shut down. The issue is manifested in Sandsprite Scdbg.exe’s handling of the parameter, enabling a local att...

CVE-2024-0581 Uncontrolled Resource Consumption vulnerability on Sandsprite scdbg

An Uncontrolled Resource Consumption vulnerability has been found on Sandsprite Scdbg.exe, affecting version 1.0. This vulnerability allows an attacker to send a specially crafted shellcode payload to the '/foff' parameter and cause an application shutdown. A malware program could use this...

Amazon Linux 2023 : wireshark-cli, wireshark-devel (ALAS2023-2023-038)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-038 advisory. A NULL pointer exception flaw was found in Wireshark. A process failure on crafted or malformed input in the IPPUSB dissector can cause a denial of service via a packet injection or a crafted...

SUSE CVE-2014-0581

Adobe Flash Player before 13.0.0.252 and 14.x and 15.x before 15.0.0.223 on Windows and OS X and before 11.2.202.418 on Linux, Adobe AIR before 15.0.0.356, Adobe AIR SDK before 15.0.0.356, and Adobe AIR SDK & Compiler before 15.0.0.356 allow attackers to execute arbitrary code or cause a denial o...

SUSE CVE-2022-0581

Crash in the CMS protocol dissector in Wireshark 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allows denial of service via packet injection or crafted capture file...

WordPress PrivateContent Plugin <= 8.4.3 is vulnerable to Bypass Vulnerability

Software PrivateContent Type Plugin Vulnerable versions = 8.4.3 Fixed in 8.4.4 OWASP Top 10 A5: Broken Access Control Classification Bypass Vulnerability CVE CVE-2023-0581 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 8c5077753b61 Credits Riccardo Granata Required...

CVE-2023-0581

creationtimestamp| type| source ---|---|--- 2023-01-30 18:36:13+00:00| seen| https://t.me/cibsecurity/57166...

CVE-2023-0581

The PrivateContent plugin for WordPress is vulnerable to protection mechanism bypass due to the use of client side validation in versions up to, and including, 8.4.3. This is due to the plugin checking if an IP had been blocklist via client-side scripts rather than server-side. This makes it...

CVE-2023-0581

CVE-2023-0581 affects the PrivateContent WordPress plugin (up to version 8.4.3). Root cause: login protection relies on client-side validation to determine blocklisted IPs, allowing unauthenticated bypass of login restrictions. Impact is the potential to brute-force login bypass. Mitigation: upda...

Amazon Linux 2022 : wireshark (ALAS2022-2022-226)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-226 advisory. - NULL pointer exception in the IPPUSB dissector in Wireshark 3.4.0 to 3.4.9 allows denial of service via packet injection or crafted capture file CVE-2021-39920 - NULL pointer exception in the...

Security Bulletin: IBM Business Process Manager (BPM) Vulnerable URLs (CVE-2013-0581)

Abstract When a dashboard is opened or a service is executed, a malicious attacker can intercept network requests from the client. Then, the attacker can modify the URL parameters of the request so that malicious code can be executed within the client browser. Content VULNERABILITY DETAILS:...

Debian DLA-2967-1 : wireshark - LTS security update

The remote Debian 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-2967 advisory. Multiple security vulnerabilities have been discovered in Wireshark, a network traffic analyzer. An attacker could cause a denial of service infinite loop or...