24 matches found
CVE-2020-7847
The ipTIME NAS product has an arbitrary file upload vulnerability in the Manage Bulletins/Upload feature, which can be leveraged to gain remote code execution. This issue affects: ipTIME NAS 1.4.36...
MAL-2025-49319 Malicious code in web3-1-4 (npm)
Source: amazon-inspector f8b0f3301c4d4556f7e8700121e0fa272e12f9fa0f75868720564356cdde51ed The package web3-1-4 was found to contain malicious code. Source: ossf-package-analysis...
Malicious code in web3-1-4 (npm)
Source: amazon-inspector f8b0f3301c4d4556f7e8700121e0fa272e12f9fa0f75868720564356cdde51ed The package web3-1-4 was found to contain malicious code. Source: ossf-package-analysis...
CVE-2024-46897
Incorrect permission assignment for critical resource issue exists in Exment v6.1.4 and earlier and Exment v5.0.11 and earlier. A logged-in user with the permission of table management may obtain and/or alter the information of the unauthorized table...
1-4-all.net Improper Access Control vulnerability OBB-3850102
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
AZL-10401 CVE-2022-36879 affecting package kernel for versions less than 5.15.67.1-4
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice...
Debian: Security Advisory (DLA-2878-1)
The remote host is missing an update for the Debian...
ai.hyacinth.framework:core-service-admin-server (>=0.5.0 <=0.5.24), ai.hyacinth.framework:core-service-discovery-server (>=0.5.0 <=0.5.24) +5661 more potentially affected by CVE-2021-21351 via com.thoughtworks.xstream:xstream (>=1.1.1 <=1.4.15)
com.thoughtworks.xstream:xstream MAVEN version =1.1.1, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =0.5.0, =j8.2.2.0, =Finchley.SR4, =1.0.0.RELEASE, =1.1.0.RELEASE, =1.0.0.RELEASE, =1.1.1.RELEASE, =0.3.3, =0.4.0, =0.4.2 and more Source cves: CVE-2021-21351 Source advisory: OSV:GHSA-HRCP-8F3Q-4W2C...
Cisco 7937G Denial Of Service / Privilege Escalation
Exploit Title: Cisco 7937G 1-4-5-7 - DoS/Privilege Escalation Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: =SIP-1-4-5-7 Tested On: SIP-1-4-5-5, SIP-1-4-5-7 #!/usr/bin/python import sys import getopt import requests import paramiko import socket import os...
Cisco 7937G - DoS/Privilege Escalation Exploit
Exploit Title: Cisco 7937G 1-4-5-7 - DoS/Privilege Escalation Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: =SIP-1-4-5-7 Tested On: SIP-1-4-5-5, SIP-1-4-5-7 #!/usr/bin/python import sys import getopt import requests import paramiko import socket import os def main(argv):...
Cisco 7937G - DoS/Privilege Escalation
Exploit Title: Cisco 7937G 1-4-5-7 - DoS/Privilege Escalation Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com Version: =SIP-1-4-5-7 Tested On: SIP-1-4-5-5, SIP-1-4-5-7 #!/usr/bin/python import sys import getopt import requests import paramiko import socket import os...
Cisco 7937G Denial of Service Vulnerability
The Cisco 7937G is an online conferencing endpoint device from Cisco USA. A security vulnerability exists in the Cisco 7937G versions 1-4-4-0 through 1-4-5-7. An attacker could exploit the vulnerability to cause a denial of service...
CVE-2020-16139
A denial-of-service in Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely by sending specially crafted packets. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better...
Cisco 7937G Input Validation Error Vulnerability
The Cisco 7937G is an online conferencing endpoint device from Cisco USA. A security vulnerability exists in the Cisco 7937G versions 1-4-4-0 through 1-4-5-7. An attacker could exploit the vulnerability to cause a denial of service...
Cisco 7937G Privilege Escalation
Exploit Title: Cisco 7937G Privilege Escalation MSF Module Date: 2020-08-10 Exploit Author: Cody Martin Vendor Homepage: https://cisco.com...
PT-2020-14769 · Cisco · Cisco Unified Ip Conference Station 7937G
Name of the Vulnerable Software and Affected Versions: Cisco Unified IP Conference Station 7937G versions 1-4-4-0 through 1-4-5-7 Description: A privilege escalation issue allows attackers to reset the credentials for the SSH administrative console to arbitrary values. The product is end of life...
Apple Security Update: watchOS 5.3.8
Apple recommends installing security update watchOS 5.3.8 on Apple Watch Series 1, 2, 3, and 4 devices...
Nanjing Mapu Technology Co. Pocket University 1+4 Universal Program has a logic flaw vulnerability
Nanjing Mapu Technology Co. Pocket University 1+4 Universal Program is a comprehensive mobile application service app. A logic flaw vulnerability exists in the Pocket University 1+4 Universal Program of Nanjing Mapu Technology Co. An attacker can exploit the vulnerability to obtain sensitive...
Android Studio 1-4 & 2.3.3 - Buffer Overflow Vulnerability
Document Title: Android Studio 1-4 & 2.3.3 - Buffer Overflow Vulnerability References: https://www.vulnerability-lab.com/getcontent.php?id=2092 Video: https://www.youtube.com/watch?v=cdXChK64WLc Release Date: 2017-08-30 Vulnerability Laboratory ID VL-ID:...
AZL-6885 CVE-2015-4646 affecting package squashfs-tools for versions less than 4.5-1
(1) unsquash-1.c, (2) unsquash-2.c, (3) unsquash-3.c, and (4) unsquash-4.c in Squashfs and sasquatch allow remote attackers to cause a denial of service (application crash) via a crafted input...