CVE-2023-44409

D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

CVE-2023-44409

D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

CVE-2023-44409 D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability

D-Link DAP-1325 SetSetupWizardStatus Enabled Stack-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1325 routers. Authentication is not required to exploit this...

CVE-2023-44409

Summary: CVE-2023-44409 affects the D-Link DAP-1325, where the HNAP1 SOAP endpoint mishandles XML data, failing to validate data length before copying into a fixed-size stack buffer. This causes a stack-based overflow that can allow a network-adjacent attacker to execute code with root privileges...

CVE-2019-18838

creationtimestamp| type| source ---|---|--- 2024-03-12 08:41:44+00:00| seen| https://t.me/ctinow/205371...

SUSE CVE-2019-18838

An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An...

Photon OS 1.0: Envoy PHSA-2020-1.0-0290

An update of the envoy package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-1.0-0290. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid136105...

Photon OS 2.0: Envoy PHSA-2020-2.0-0229

An update of the envoy package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2020-2.0-0229. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid135867...

CVE-2017-18838

creationtimestamp| type| source ---|---|--- 2020-04-20 23:29:07+00:00| seen| https://t.me/cibsecurity/11420...

CVE-2017-18838

Certain NETGEAR devices are affected by privilege escalation. This affects M4300-28G before 12.0.2.15, M4300-52G before 12.0.2.15, M4300-28G-POE+ before 12.0.2.15, M4300-52G-POE+ before 12.0.2.15, M4300-8X8F before 12.0.2.15, M4300-12X12F before 12.0.2.15, M4300-24X24F before 12.0.2.15, M4300-24X...

CVE-2017-18838

NETGEAR M4300/M4200 series switches are affected by privilege escalation before version 12.0.2.15. The provided documents list affected models but do not specify the vulnerable component, root cause, or exact patch/remediation details. Corroborating entries from Red Hat, CNVD, and CVE lists confi...

CVE-2019-18838

An issue was discovered in Envoy 1.12.0. Upon receipt of a malformed HTTP request without a Host header, it sends an internally generated "Invalid request" response. This internally generated response is dispatched through the configured encoder filter chain before being sent to the client. An...

CVE-2019-18838

CVE-2019-18838 affects Envoy 1.12.0. A malformed HTTP request without a Host header causes an internally generated “Invalid request” response to be processed through the encoder filter chain; an encoder filter that accesses a request’s Host header can trigger a NULL pointer dereference, leading t...

NetData < 1.11.0 Multiple Vulnerabilities

NetData is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:my-netdata:netdata"; ifdescription...

CVE-2018-18838

CVE-2018-18838 affects Netdata 1.10.0 and is a log injection vulnerability reachable via a %0a sequence in the url parameter to api/v1/registry. The CVSS:3.0 base is 7.5 (HIGH) with network access and no authentication; integrity impact is HIGH, confidentiality/availability are none. Public advis...