Lucene search
+L

82 matches found

Cvelist
Cvelist
added 2023/06/12 12:0 a.m.36 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

9.9AI score0.01531EPSS
Exploits1References3
CVE
CVE
added 2023/06/12 12:0 a.m.171 views

CVE-2023-33626

CVE-2023-33626 affects D-Link DIR-600 hardware version B5 with firmware 2.18, due to a stack overflow in the binary gena.cgi . Several sources describe a boundary/overflow condition in gena.cgi that can allow a remote attacker to potentially execute arbitrary code or cause denial of service. The ...

9.8CVSS9.6AI score0.01531EPSS
Exploits1References3Affected Software1
Vulnrichment
Vulnrichment
added 2023/06/12 12:0 a.m.9 views

CVE-2023-33626

D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a stack overflow via the gena.cgi binary...

8.1AI score0.01531EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2023/06/12 12:0 a.m.7 views

PT-2023-3742 · D Link · D-Link Dir-600

Name of the Vulnerable Software and Affected Versions: D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 Description: The issue is related to a stack overflow in the gena.cgi binary, which can be exploited by a remote attacker to elevate privileges and execute arbitrary commands. This is ...

9.8CVSS8.2AI score0.01531EPSS
Exploits1References6
Prion
Prion
added 2023/02/20 5:15 p.m.13 views

Cross site scripting

A vulnerability was found in meta4creations Post Duplicator Plugin 2.18 on WordPress. It has been classified as problematic. Affected is the function mtphrpostduplicatornotice of the file includes/notices.php. The manipulation of the argument post-duplicated leads to cross site scripting. It is...

5.8CVSS6.5AI score0.00633EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/10/27 12:0 a.m.7 views

PT-2022-20404 · Google · Flutter +1

Name of the Vulnerable Software and Affected Versions: Dart versions prior to 2.18 Flutter versions prior to 3.30 Description: The implementation of backslash parsing in the Dart URI class differs from the WhatWG URL standards, as it uses the RFC 3986 syntax. This creates incompatibilities with t...

9.8CVSS9.5AI score0.00867EPSS
Exploits0References5
OSV
OSV
added 2022/08/17 9:15 p.m.6 views

CVE-2022-35147

DoraCMS v2.18 and earlier allows attackers to bypass login authentication via a crafted HTTP request...

9.8CVSS5.8AI score0.01256EPSS
Exploits1References1
NVD
NVD
added 2022/07/28 12:15 a.m.27 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS0.0035EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2022/07/28 12:15 a.m.25 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS6.1AI score0.0035EPSS
Exploits1References3
Prion
Prion
added 2022/07/28 12:15 a.m.13 views

Cross site scripting

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

1.9CVSS5.2AI score0.0035EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2022/07/27 11:23 p.m.31 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5AI score0.0035EPSS
Exploits1References2
Debian CVE
Debian CVE
added 2022/07/27 11:23 p.m.76 views

CVE-2022-34009

Fossil 2.18 on Windows allows attackers to cause a denial of service daemon crash via an XSS payload in a ticket. This occurs because the ticket data is stored in a temporary file, and the product does not properly handle the absence of this file after Windows Defender has flagged it as malware...

5.5CVSS5.3AI score0.0035EPSS
Exploits1
CVE
CVE
added 2020/04/14 10:50 p.m.517 views

CVE-2020-5260

CVE-2020-5260 affects Git by newline-injection in the credential helper protocol, enabling a crafted URL to exfiltrate credentials from one host to another. Affected Git releases were patched in April 2020; fixes are in 2.17.4, 2.18.3, 2.19.4, 2.20.3, 2.21.2, 2.22.3, 2.23.2, 2.24.2, 2.25.3, 2.26....

9.3CVSS7.2AI score0.10047EPSS
Exploits2References19Affected Software2
CNVD
CNVD
added 2019/01/11 12:0 a.m.4 views

CloudBees Jenkins Job Config History Plugin Cross-Site Scripting Vulnerability

CloudBees Jenkins formerly known as Hudson Labs is a set of Java-based continuous integration tools , which is mainly used to monitor the continuous software version of the release/testing project and a number of timed tasks . Job Config History Plugin is used in one of the plug-in to save a copy...

6.1CVSS6.2AI score0.00842EPSS
Exploits0References1
0day.today
0day.today
added 2017/04/11 12:0 a.m.67 views

Proxifier for Mac 2.17 / 2.18 - Privelege Escalation Exploit

Exploit for macOS platform in category local exploits Source: https://m4.rkw.io/blog/cve20177643-local-root-privesc-in-proxifier-for-mac--218.html Proxifier 2.18 also 2.17 and possibly some earlier version ships with a KLoader binary which it installs suid root the first time Proxifier is run. Th...

7.2CVSS7.4AI score0.00965EPSS
Exploits8
CERT
CERT
added 2015/01/28 12:0 a.m.123 views

GNU C Library (glibc) __nss_hostname_digits_dots() function vulnerable to buffer overflow

Overview The nsshostnamedigitsdots function of the GNU C Library glibc allows a buffer overflow condition in which arbitrary code may be executed. This vulnerability has been assigned CVE-2015-0235, and is referred to in the media by the name "GHOST". Description According to Qualys, the...

10CVSS8.2AI score0.94859EPSS
Exploits29References2
Packet Storm
Packet Storm
added 2015/01/27 12:0 a.m.221 views

Qualys Security Advisory - glibc gethostbyname Buffer Overflow

Qualys Security Advisory CVE-2015-0235 GHOST: glibc gethostbyname buffer overflow -- Contents ---------------------------------------------------------------- 1 - Summary 2 - Analysis 3 - Mitigating factors 4 - Case studies 5 - Exploitation 6 - Acknowledgments -- 1 - Summary...

10CVSS0.3AI score0.94859EPSS
Exploits29
Positive Technologies
Positive Technologies
added 2015/01/27 12:0 a.m.17 views

PT-2015-1000

Name of the Vulnerable Software and Affected Versions glibc versions 2.2 through 2.17 Description The issue is related to a heap-based buffer overflow in the nss hostname digits dots function in glibc, which can be exploited via the gethostbyname or gethostbyname2 functions. This vulnerability ma...

10CVSS9.3AI score0.99998EPSS
Exploits302References440
exploitpack
exploitpack
added 2015/01/05 7:8 p.m.40 views

CoolPlayer-2.18-DEP-Bypass

Tested on: Windows XP SP3 running in Virtualbox Uses SetProcessDEPPolicy to disable DEP for the process Thanks to mrme for the encouragement Exploit-DB Notes: May not work on all Win XP SP3 machines windows/exec calc.exe 227 bytes - 240 bytes of shellcode space available shellcode =...

7.3AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2014/08/29 12:0 a.m.33 views

Fedora 20 : glibc-2.18-14.fc20 (2014-9824)

Locale names, including those obtained from environment variables LANG and the LC variables, are more tightly checked for proper syntax. setlocale will now fail with EINVAL for locale names that are overly long, contain slashes without starting with a slash, or contain '..' path components...

7.5CVSS8.1AI score0.18099EPSS
Exploits4References5
Rows per page
Query Builder