115 matches found
MINI-6HR7-4X95-2957
Bulletin has no description...
CVE-2026-2957 qinming99 dst-admin File BackupController.java deleteBackup denial of service
A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the component File Handler. This manipulation causes denial of service. The attack may be initiated remotely...
CVE-2026-2957 qinming99 dst-admin File BackupController.java deleteBackup denial of service
A weakness has been identified in qinming99 dst-admin up to 1.5.0. This impacts the function deleteBackup of the file src/main/java/com/tugos/dst/admin/controller/BackupController.java of the component File Handler. This manipulation causes denial of service. The attack may be initiated remotely...
EUVD-2026-2957
The GetGenie plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 4.3.0. This is due to the plugin not properly verifying that a user is authorized to delete a specific post. This makes it possible for authenticated attackers, with Author-level access a...
MiracleLinux 3 : dnsmasq-2.45-1.1.1AXS3 (AXSA:2009-389:01)
The remote MiracleLinux 3 host has a package installed that is affected by multiple vulnerabilities as referenced in the AXSA:2009-389:01 advisory. Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It...
Linux Distros Unpatched Vulnerability : CVE-2014-2957
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The dmarcprocess function in dmarc.c in Exim before 4.82.1, when EXPERIMENTALDMARC is enabled, allows remote attackers to execute arbitrary code via the From...
CVE-2010-2957
Cross-site scripting XSS vulnerability in Serendipity before 1.5.4, when "Remember me" logins are enabled, allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2006-2957
Cross-site scripting XSS vulnerability in i.List 1.5 beta and earlier allows remote attackers to inject arbitrary web script or HTML via the banurl parameter to add.php. NOTE: the provenance of this information is unknown; the details are obtained from third party information...
CVE-2025-2957
A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the loca...
CVE-2025-2957
creationtimestamp| type| source ---|---|--- 2025-03-30 19:32:28+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/9552 2025-03-30 22:00:20+00:00| seen| Telegram/D4G2y7Lt0clBHELobM9JrHHaOIOxKBHt0TACuW0rNTvIWI 2025-03-30 23:06:38+00:00| seen| https://t.me/cvedetector/21519...
CVE-2025-2957
A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the loca...
CVE-2025-2957 TRENDnet TEW-411BRP+ HTTP Request httpd sub_401DB0 null pointer dereference
A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the loca...
CVE-2025-2957 TRENDnet TEW-411BRP+ HTTP Request httpd sub_401DB0 null pointer dereference
A vulnerability was found in TRENDnet TEW-411BRP+ 2.07. It has been classified as problematic. Affected is the function sub401DB0 of the file /usr/sbin/httpd of the component HTTP Request Handler. The manipulation leads to null pointer dereference. The attack can only be initiated within the loca...
CVE-2025-2957
TRENDnet TEW-411BRP+ firmware 2.07 contains a null pointer dereference in the HTTP Request Handler (function sub_401DB0) in /usr/sbin/httpd. The flaw can be triggered from the local network, and the exploit has been disclosed publicly. Vendor was contacted early but did not respond.
CVE-2024-2957
creationtimestamp| type| source ---|---|--- 2024-04-11 05:11:40+00:00| seen| https://t.me/arpsyndicate/4438...
CVE-2024-2957
Rejected reason: DUPLICATE Please use CVE-2024-1983 instead...
CVE-2024-2957
...
CVE-2024-2957
...
CVE-2024-2957
CVE-2024-2957 is a duplicate of CVE-2024-1983. The linked Red Hat/NVD details show Simple Ajax Chat for WordPress (before 20240223) suffers a stored XSS via the name field, reflecting unsanitized input to other users. This confirms the vulnerability context, affected component, and root cause; CV...
openSUSE: Security Advisory for python39 (SUSE-SU-2023:2957-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...