CVE-2025-11355 UTT 1250GW aspChangeChannel strcpy buffer overflow

A vulnerability has been found in UTT 1250GW up to v2v3.2.2-200710. Affected by this vulnerability is the function strcpy of the file /goform/aspChangeChannel. The manipulation of the argument pvid leads to buffer overflow. It is possible to initiate the attack remotely. The exploit has been...

CVE-2019-11355

An issue was discovered in Poly formerly Polycom HDX 3.1.13. A feature exists that allows the creation of a server / client certificate, or the upload of the user certificate, on the administrator's page. The value received from the user is the factor value of a shell script on the equipment. By...

CVE-2024-11355

creationtimestamp| type| source ---|---|--- 2024-11-22 05:58:28+00:00| seen| https://infosec.exchange/users/cve/statuses/113525070780251396...

WordPress Ultimate YouTube Video & Shorts Player With Vimeo Plugin <= 3.3 is vulnerable to Broken Access Control

Software Ultimate YouTube Video & Shorts Player With Vimeo Type Plugin Vulnerable versions = 3.3 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2024-11355 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID a6927e0e3cdf Credits...

CVE-2020-11355

This CVE entry is rejected/not used and does not represent an active vulnerability.

CVE-2020-11355

...

SUSE: Security Advisory (SUSE-SU-2018:2412-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2018:2891-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CVE-2020-27866

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

Authentication flaw

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

CVE-2020-27866

This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R6020, R6080, R6120, R6220, R6260, R6700v2, R6800, R6900v2, R7450, JNR3210, WNR2020, Nighthawk AC2100, and Nighthawk AC2400 routers. Authentication is not required to exploit this...

CVE-2019-11355

Affected software: Polycom HDX 3.1.13. Vulnerability: command injection via a crafted CSR field on the administrator page, where the user-provided value is treated as a shell-script factor value; inserting characters (e.g., a single quote) can cause arbitrary system commands to be executed. Root ...

SUSE SLES12 Security Update : wireshark (SUSE-SU-2018:2891-2)

This update for wireshark to version 2.4.9 fixes the following issues : Wireshark was updated to 2.4.9 bsc1094301, bsc1106514. Security issues fixed : CVE-2018-16058: Bluetooth AVDTP dissector crash wnpa-sec-2018-44 CVE-2018-16056: Bluetooth Attribute Protocol dissector crash wnpa-sec-2018-45...

Wireshark 2.6.x < 2.6.1 Multiple Vulnerabilities

The version of Wireshark installed on the remote Windows host is prior to 2.6.1. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-2.6.1 advisory. - In Wireshark 2.6.0, 2.4.0 to 2.4.6, and 2.2.0 to 2.2.14, the LDSS dissector could crash. This was addressed in...

[ASA-201805-23] wireshark-qt: multiple issues

Arch Linux Security Advisory ASA-201805-23 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-qt Type :...

[ASA-201805-25] wireshark-cli: multiple issues

Arch Linux Security Advisory ASA-201805-25 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-cli Type :...

[ASA-201805-24] wireshark-common: multiple issues

Arch Linux Security Advisory ASA-201805-24 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-common Typ...

[ASA-201805-22] wireshark-gtk: multiple issues

Arch Linux Security Advisory ASA-201805-22 ========================================== Severity: Critical Date : 2018-05-25 CVE-ID : CVE-2018-11354 CVE-2018-11355 CVE-2018-11356 CVE-2018-11357 CVE-2018-11358 CVE-2018-11359 CVE-2018-11360 CVE-2018-11361 CVE-2018-11362 Package : wireshark-gtk Type :...

Security fix for the ALT Linux 9 package wireshark version 2.6.1-alt1

May 24, 2018 Anton Farygin 2.6.1-alt1 - 2.6.1 fixes: CVE-2018-11359, CVE-2018-11361, CVE-2018-11358, CVE-2018-11360, CVE-2018-11356, CVE-2018-11357, CVE-2018-11355, CVE-2018-11354, CVE-2018-11362...

CVE-2018-11355

CVE-2018-11355 affects Wireshark 2.6.0 where the RTCP dissector could crash due to a buffer overflow while processing RTCP packet status chunks. The fix was implemented in epan/dissectors/packet-rtcp.c to prevent the overflow. Upgrading to a patched release (e.g., Wireshark 2.6.1 or later as cite...