CVE-2018-15631

Improper access control in the Discuss App of Odoo Community 12.0 and earlier, and Odoo Enterprise 12.0 and earlier allows remote authenticated attackers to e-mail themselves arbitrary files from the database, via a crafted RPC request...

CVE-2019-15631

Remote Code Execution vulnerability in MuleSoft Mule CE/EE 3.x and API Gateway 2.x released before October 31, 2019 allows remote attackers to execute arbitrary code...

CVE-2019-15631

creationtimestamp| type| source ---|---|--- 2024-03-05 10:12:43+00:00| seen| https://t.me/ctinow/200064...

Design/Logic Flaw

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Bentley View 10.15.0.75. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsin...

CVE-2021-46656

CVE-2021-46656 affects Bentley View 10.15.0.75. The flaw is a JT file parsing buffer overflow that can lead to remote code execution. Exploitation requires user interaction (visiting a malicious page or opening a malicious file). The issue is documented across multiple sources (e.g., ZDI-22-243, ...

CVE-2020-15631

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1860 1.04B03HOTFIX WiFi extenders. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw...

CVE-2020-15631

The CVE-2020-15631 issue affects D-Link DAP-1860 with firmware 1.04B03_HOTFIX and involves the HNAP service. The flaw occurs when parsing the SOAPAction header on port 80, where a user-supplied string is used to spawn a system call without proper validation, allowing network-adjacent attackers to...

CVE-2019-15631

CVE-2019-15631 is a remote code execution vulnerability affecting MuleSoft Mule CE/EE 3.x and API Gateway 2.x, described as exploitable to run arbitrary code by a remote attacker and linked to releases before 31 October 2019. The connected records consistently identify the affected product family...

CVE-2018-15631

Summary: CVE-2018-15631 affects the Discuss App in Odoo Community 12.0 and earlier and Odoo Enterprise 12.0 and earlier. It is caused by improper access control, enabling remote authenticated attackers to email themselves arbitrary files from the database via a crafted RPC request. The issue has ...

CVE-2017-15631

TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-workmode variable in the pptpclient.lua file...

TP-Link Remote Command Injection

Introduction: ================ The WVR-, WAR- and ER- products are the SOHO/WIFI routers of TP-Link. These issues allow remote authenticated administrators to execute arbitrary commands via command injection through different variables of different lua files. If the attacker obtains the account a...