Lucene search
+L

17 matches found

cvelist
cvelist
added 5 days ago35 views

CVE-2026-15511 Comfast CF-WR631AX V3 FastCGI Backend webmgnt system_wl_upload_pic_file os command injection

A vulnerability was determined in Comfast CF-WR631AX V3 up to 2.7.0.8. Affected by this vulnerability is the function systemwluploadpicfile of the file /usr/bin/webmgnt of the component FastCGI Backend. This manipulation of the argument filename causes os command injection. It is possible to...

10CVSS0.0269EPSS
Exploits0References5
circl
circl
added 5 days ago8 views

CVE-2026-15511

creationtimestamp| type| source ---|---|--- 2026-07-12 10:25:44+00:00| seen| https://infosec.exchange/users/vuldb/statuses/116906521019305139 2026-07-12 23:36:37+00:00| seen| https://bsky.app/profile/kriptabiz.bsky.social/post/3mqidsx7oaq2e 2026-07-12 23:51:52+00:00| seen|...

10CVSS7AI score0.0269EPSS
Exploits0References7
ptsecurity
ptsecurity
added 5 days ago15 views

PT-2026-57563

Name of the Vulnerable Software and Affected Versions Comfast CF-WR631AX V3 versions prior to 2.7.0.8 Description An OS command injection flaw exists in the FastCGI Backend component within the /usr/bin/webmgnt file. The issue occurs in the system wl upload pic file function when processing the...

10CVSS7.2AI score0.0269EPSS
Exploits0References8
redhatcve
redhatcve
added 2025/05/22 3:45 p.m.9 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.3CVSS6.8AI score0.00852EPSS
Exploits0
circl
circl
added 2024/02/26 9:41 a.m.6 views

CVE-2019-15511

creationtimestamp| type| source ---|---|--- 2024-02-26 09:41:29+00:00| seen| https://t.me/ctinow/193193...

7.8CVSS7.5AI score0.00749EPSS
Exploits1References1
prion
prion
added 2022/02/18 8:15 p.m.17 views

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley MicroStation CONNECT 10.16.0.80. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists...

6.8CVSS7.8AI score0.02087EPSS
Exploits0References2Affected Software3
cve
cve
added 2022/02/18 7:46 p.m.108 views

CVE-2021-46639

CVE-2021-46639 affects Bentley MicroStation CONNECT 10.16.0.80. Connected sources (ZDI-22-226 and related notices) describe an out-of-bounds write in DGN file parsing that can allow remote code execution; exploitation requires user interaction (visiting malicious page or opening a malicious file)...

7.8CVSS7.8AI score0.02087EPSS
Exploits0References2Affected Software3
hashicorp
hashicorp
added 2020/11/25 8:15 p.m.5 views

Terraform Enterprise Allowed Local Account Creation Bypassing SSO

Summary HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. This vulnerability, CVE-2020-15511, was fixed in v202007-1. Background Terraform Enterprise allowed single sign-on to be enabled vi...

5.3CVSS6.1AI score0.00852EPSS
Exploits0
nvd
nvd
added 2020/07/30 2:15 p.m.18 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.3CVSS5.2AI score0.00852EPSS
Exploits0References2
osv
osv
added 2020/07/30 2:15 p.m.3 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.3CVSS5.7AI score0.00852EPSS
Exploits0References2
cvelist
cvelist
added 2020/07/30 1:15 p.m.27 views

CVE-2020-15511

HashiCorp Terraform Enterprise up to v202006-1 contained a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Fixed in v202007-1...

5.2AI score0.00852EPSS
Exploits0References2
cve
cve
added 2020/07/30 1:15 p.m.47 views

CVE-2020-15511

CVE-2020-15511 affects HashiCorp Terraform Enterprise up to v202006-1. The vulnerability is a default signup page that allowed user registration even when disabled, bypassing SAML enforcement. Root cause: signup flow could be used to create accounts without proper SAML gating. Impact stated in so...

5.3CVSS5.2AI score0.00852EPSS
Exploits0References2Affected Software1
nvd
nvd
added 2019/11/21 6:15 p.m.22 views

CVE-2019-15511

An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is...

7.8CVSS8AI score0.00749EPSS
Exploits1References2
cve
cve
added 2019/11/21 5:47 p.m.200 views

CVE-2019-15511

CVE-2019-15511 affects the GalaxyClientService in GOG Galaxy. Root cause: faulty/improper access control enabling unauthenticated local TCP packets to be processed, allowing local privilege escalation to SYSTEM on Windows. Affected products/versions: GOG Galaxy and GalaxyClientService before 1.2....

7.8CVSS7.9AI score0.00749EPSS
Exploits1References2Affected Software1
cve
cve
added 2019/08/29 9:31 p.m.42 views

CVE-2018-15511

CVE-2018-15511 – totemomail 6.0.0 build 570 suffers a cross-site scripting (XSS) vulnerability in the Notification template feature. The description confirms an attacker can inject arbitrary web script or HTML via this feature. Connected sources (NVD/NVD-derived records, PRION/CVE lists, and EUVD...

6.1CVSS6AI score0.0103EPSS
Exploits0References1Affected Software1
githubexploit
githubexploit
added 2019/08/21 1:52 p.m.122 views

Exploit for Missing Authentication for Critical Function in Gog Galaxy

GOG Galaxy Exploit for CVE-2019-15511 usage: exploit.py -...

7.8CVSS2AI score0.00749EPSS
Exploits1
cvelist
cvelist
added 2018/01/23 5:0 p.m.7 views

CVE-2017-15511

...

Exploits0
Rows per page
Query Builder