45 matches found
CVE-2016-10322
Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute arbitrary commands via shell metacharacters in the X-Forwarded-For HTTP header to photo/login.php...
CVE-2025-10322
A vulnerability has been found in Wavlink WL-WN578W2 221110. The affected element is an unknown function of the file /sysinit.html. The manipulation of the argument newpass/confpass leads to weak password recovery. The attack is possible to be carried out remotely. The exploit has been disclosed ...
CVE-2025-10322 Wavlink WL-WN578W2 sysinit.html password recovery
A vulnerability has been found in Wavlink WL-WN578W2 221110. The affected element is an unknown function of the file /sysinit.html. The manipulation of the argument newpass/confpass leads to weak password recovery. The attack is possible to be carried out remotely. The exploit has been disclosed ...
CVE-2025-10322
The CVE-2025-10322 entry concerns Wavlink WL-WN578W2 (firmware 221110). A flaw in /sysinit.html allows manipulation of the newpass/confpass parameter due to improper privilege handling, enabling weak password recovery. Exploitation is described as remote and publicly disclosed, with PoC activity ...
Linux Distros Unpatched Vulnerability : CVE-2018-10322
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service...
CVE-2024-10322
creationtimestamp | type | source
---|---|---
2025-02-12 12:35:36+00:00 | seen | https://infosec.exchange/users/cve/statuses/113990941775308867
2025-02-12 13:15:38+00:00 | seen | https://bsky.app/profile/cve-notifications.bsky.social/post/3lhyaygkedt2x
2025-02-14 10:04:59+00:00 | seen | ...
CVE-2024-10322 Brizy – Page Builder <= 2.6.8 - Authenticated (Author+) Stored Cross-Site Scripting via SVG File Upload
The Brizy – Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via REST API SVG File uploads in all versions up to, and including, 2.6.8 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Author-level...
SUSE CVE-2018-10322
The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image...
USN-4578-1: Linux kernel vulnerabilities | Cloud Foundry
Severity: High. Vendor: Canonical Ubuntu. Versions Affected: Canonical Ubuntu 16.04. Description: Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free vulnerability. A local attacker could use this to cause a denial...
Ubuntu: Security Advisory (USN-4579-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2020 Greenbone AG. Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...
Ubuntu 16.04 LTS : Linux kernel vulnerabilities (USN-4579-1)
The remote Ubuntu 16.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-4579-1 advisory. Hadar Manor discovered that the DCCP protocol implementation in the Linux kernel improperly handled socket reuse, leading to a use-after-free...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1226)
The remote host is missing an update for the Huawei EulerOS...
Huawei EulerOS: Security Advisory for kernel (EulerOS-SA-2019-1076)
The remote host is missing an update for the Huawei EulerOS...
Jenkins Artifactory Plugin information disclosure vulnerability
Summary: An exploitable information disclosure vulnerability exists in the testConnection endpoint of the Jenkins Artifactory Plugin 3.2.0 and 3.2.1. As a result of this vulnerability a crafted HTTP request from a user with Overall/Read permissions - such as an anonymous user, if enabled - can cau...
CVE-2019-10322
A missing permission check in Jenkins Artifactory Plugin 3.2.2 and earlier in ArtifactoryBuilder.DescriptorImpl#doTestConnection allowed users with Overall/Read access to connect to an attacker-specified URL using attacker-specified credentials IDs obtained through another method, capturing...
CVE-2019-10322
CVE-2019-10322 affects the Jenkins Artifactory Plugin (3.2.2 and earlier). The vulnerability is due to a missing permission check in the ArtifactoryBuilder.doTestConnection endpoint, allowing any user with Overall/Read access to connect to an attacker-controlled URL using attacker-provided creden...
EulerOS Virtualization 3.0.1.0 : kernel (EulerOS-SA-2019-1507)
According to the versions of the kernel packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The Linux kernel has an undefined behavior when an argument of INT_MIN is passed to the kernel/signal.c:kill_something_info function...
EulerOS 2.0 SP5 : kernel (EulerOS-SA-2019-1076)
According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A security flaw was found in the ip_frag_reasm function in net/ipv4/ip_fragment.c in the Linux kernel which can cause a later system crash in...
Photon OS 1.0: Linux PHSA-2018-1.0-0169
An update of the linux package has been released. (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0169. The text itself is copyright (C) VMware, Inc. include('compat.inc'); if (description) script_id(121868)...
Oracle Linux 7 : Unbreakable Enterprise kernel (ELSA-2019-4509)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2019-4509 advisory. - KVM: X86: Fix scan ioapic use-before-initialization (Wanpeng Li) [Orabug: 29026132] {CVE-2018-19407} - ALSA: usb-audio: Fix UAF decrement if card has no li...