Lucene search
+L

62 matches found

Cvelist
Cvelist
added 2019/03/19 6:51 p.m.39 views

CVE-2019-6273

downloadfile in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to download arbitrary files...

7.2AI score0.11535EPSS
Exploits4References2
CVE
CVE
added 2019/03/19 6:44 p.m.71 views

CVE-2019-6272

GL-AR300M-Lite devices (firmware 2.27) are affected by CVE-2019-6272 due to a vulnerability in login_cgi that enables authenticated command injection, potentially allowing arbitrary code execution. The issue is triggered after an attacker with prior login access sends crafted requests to login_cg...

8.8CVSS9AI score0.12537EPSS
Exploits4References2Affected Software1
Cvelist
Cvelist
added 2019/03/19 6:44 p.m.36 views

CVE-2019-6272

Command injection vulnerability in logincgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27 allows remote attackers to execute arbitrary code...

9.1AI score0.12537EPSS
Exploits4References2
CNVD
CNVD
added 2019/01/18 12:0 a.m.9 views

GL-AR300M-Lite Arbitrary File Download Vulnerability

The GL-AR300M-Lite is a smart wireless router. An arbitrary file download vulnerability exists in GL-AR300M-Lite version 2.27, which can be exploited by attackers to download arbitrary files...

6.5CVSS7AI score0.11535EPSS
Exploits4References1
CNVD
CNVD
added 2019/01/18 12:0 a.m.6 views

GL-AR300M-Lite Path Traversal Vulnerability

The GL-AR300M-Lite is a smart wireless router. A directory traversal vulnerability exists in GL-AR300M-Lite version 2.27. An attacker can exploit this vulnerability to have an indeterminate impact via a directory traversal sequence...

8.8CVSS7AI score0.11239EPSS
Exploits4References1
exploitpack
exploitpack
added 2019/01/16 12:0 a.m.29 views

GL-AR300M-Lite 2.27 - (Authenticated) Command Injection Arbitrary File Download Directory Traversal

GL-AR300M-Lite 2.27 - Authenticated Command Injection Arbitrary File Download Directory Traversal Exploit Title: GL-AR300M-Lite Authenticated Command injection - Arbitrary file download - Directory Traversal Date: 15/1/2019 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage:...

6.5CVSS0.12537EPSS
Exploits7
Exploit DB
Exploit DB
added 2019/01/16 12:0 a.m.60 views

GL-AR300M-Lite 2.27 - (Authenticated) Command Injection / Arbitrary File Download / Directory Traversal

Exploit Title: GL-AR300M-Lite Authenticated Command injection - Arbitrary file download - Directory Traversal Date: 15/1/2019 Exploit Author: Pasquale Turi aka boombyte Vendor Homepage: https://www.gl-inet.com/ Software Link: https://www.gl-inet.com/products/gl-ar300m/ Version: Firmware version...

8.8CVSS7AI score0.12537EPSS
Exploits7
CNVD
CNVD
added 2018/06/12 12:0 a.m.5 views

S3QL Replay Attack Vulnerability

S3QL is a file system for storing online data. The system supports Amazon S3, SFTP servers, and more. A security vulnerability exists in the 'checksumbasicmapping' function in S3QL versions prior to 2.27. An attacker can exploit the vulnerability to display an old version of the metadata database...

7.5CVSS7.4AI score0.01885EPSS
Exploits1References1
Prion
Prion
added 2018/05/18 4:29 p.m.36 views

Buffer overflow

An AVX-512-optimized implementation of the mempcpy function in the GNU C Library aka glibc or libc6 2.27 and earlier may write data beyond the target buffer, leading to a buffer overflow in mempcpyavx512novzeroupper...

4.6CVSS8.7AI score0.00858EPSS
Exploits3References9Affected Software8
OSV
OSV
added 2018/05/18 4:29 p.m.27 views

CVE-2017-18269

An SSE2-optimized memmove implementation for i386 in sysdeps/i386/i686/multiarch/memcpy-sse2-unaligned.S in the GNU C Library aka glibc or libc6 2.21 through 2.27 does not correctly perform the overlapping memory check if the source memory range spans the middle of the address space, resulting in...

9.8CVSS7.1AI score
Exploits0References6
RedHat Linux
RedHat Linux
added 2018/04/10 8:47 a.m.5 views

glibc: Buffer overflow during unescaping of user names with the ~ operator

The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27 contains a buffer overflow during unescaping of user names with the operator...

9.8CVSS7.6AI score0.02801EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2018/02/04 12:0 a.m.17 views

PT-2018-2775 · Gnu +5 · Glibc +5

Name of the Vulnerable Software and Affected Versions: glibc versions 2.27 and earlier Description: The issue is caused by an integer overflow in the mempcpy function of the glibc library, which provides system calls and basic functions. This overflow can occur when processing very long pathname...

9.8CVSS7.2AI score0.8833EPSS
Exploits59References197
OSV
OSV
added 2018/02/02 2:29 p.m.20 views

CVE-2017-14178

In snapd 2.27 through 2.29.2 the 'snap logs' command could be made to call journalctl without match arguments and therefore allow unprivileged, unauthenticated users to bypass systemd-journald's access restrictions...

7.5CVSS7.9AI score0.01757EPSS
Exploits0References3
CNVD
CNVD
added 2017/10/23 12:0 a.m.6 views

GNU C Library 'glob' function heap buffer overflow vulnerability

The GNU C Library a.k.a. glibc, libc6 is an open-source, free C language compiler released under the LGPL license. A heap buffer overflow vulnerability exists in the glob.c file 'glob' function in versions of GNU C Library prior to 2.27. A remote attacker could exploit this vulnerability to execu...

9.8CVSS8.1AI score0.02977EPSS
Exploits0References1
Prion
Prion
added 2017/10/20 5:29 p.m.28 views

Heap overflow

The GNU C Library aka glibc or libc6 before 2.27 contains an off-by-one error leading to a heap-based buffer overflow in the glob function in glob.c, related to the processing of home directories using the operator followed by a long string...

7.5CVSS9.4AI score0.02977EPSS
Exploits0References4Affected Software1
Vulnerability Lab
Vulnerability Lab
added 2015/11/22 12:0 a.m.36 views

SoundTap 2.27 - Code Execution Vulnerability

Document Title: =============== SoundTap 2.27 - Code Execution Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=1650 Release Date: ============= 2015-11-22 Vulnerability Laboratory ID VL-ID: ==================================== 1650 Common...

7.1AI score
Exploits0
0day.today
0day.today
added 2012/05/19 12:0 a.m.20 views

Vertrigoserv 2.27 Local Privilege Escalation Exploit

Exploit for windows platform in category local exploits 0day.today 2018-04-02...

6.8AI score
Exploits0
Packet Storm
Packet Storm
added 2011/08/31 12:0 a.m.34 views

IBM Open Admin Tool 2.27 Cross Site Scripting

“XSS in IBM Open Admin Tool OAT2.27installwindows.exe” Product version tested : OAT v2.27 Vendore has been informed : July 27, 2010 They fix the vulnerability on : March 2011 Fixed version: OAT v2.72 Credit : sumit kumar soni [email protected] Product Link:...

7.4AI score
Exploits0
RedHat Linux
RedHat Linux
added 2010/06/07 3:22 p.m.37 views

Moderate: Red Hat Security Advisory: perl security update

Updated perl packages that fix two security issues are now available for Red Hat Enterprise Linux 3 and 4. The Red Hat Security Response Team has rated this update as having moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give detailed severity ratings, are...

8.5CVSS6AI score0.03715EPSS
Exploits3References4
NVD
NVD
added 2008/10/07 9:11 p.m.22 views

CVE-2008-4475

ibackup 2.27 allows local users to overwrite arbitrary files via a symlink attack on temporary files...

7.2CVSS6.4AI score0.00345EPSS
Exploits0References7
Rows per page
Query Builder