170 matches found
D-Link Network Attached Storage - Backdoor Account
A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The manipulation of the argument user...
CVE-2026-3272
creationtimestamp| type| source ---|---|--- 2026-02-27 02:38:45+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3mfsolhb2ys2k 2026-02-27 18:40:10+00:00| seen| https://bsky.app/profile/cyberhub.blog/post/3mfueclgiai2m...
MiracleLinux 8 : jasper-2.0.14-5.el8 (AXSA:2021-2685:01)
The remote MiracleLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-2685:01 advisory. jasper: Heap-based buffer overflow in cpcreate in jpcenc.c CVE-2020-27828 jasper: Heap-based buffer over-read in jp2decode in jp2dec.c CVE-2021-3272...
MiracleLinux 3 : kernel-2.6.18-53.14AXS3 (AXSA:2008-519:09)
The remote MiracleLinux 3 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2008-519:09 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Bugs fixed: CVE-2007-6417: The shmemgetpage function mm/shmem.c...
CVE-2017-3272 vulnerabilities
Vulnerabilities for packages: openjdk-17-openj9, openjdk-11-openj9, openjdk-21-openj9, openjdk-8-openj9...
CVE-2013-3272
EMC Replication Manager RM before 5.4.4 places encoded passwords in application log files, which makes it easier for local users to obtain sensitive information by reading a file and conducting an unspecified decoding attack...
CVE-2025-3272
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...
CVE-2025-3272
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...
CVE-2025-3272 Incorrect user authorization vulnerability has been identified in Open Text Operations Bridge Manager.
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...
CVE-2025-3272 Incorrect user authorization vulnerability has been identified in Open Text Operations Bridge Manager.
Incorrect Authorization vulnerability in OpenText™ Operations Bridge Manager. The vulnerability could allow authenticated users to change their password without providing their old password. This issue affects Operations Bridge Manager: 24.2, 24.4...
CVE-2025-3272
OpenText Operations Bridge Manager is affected by CVE-2025-3272. The issue is an Incorrect Authorization vulnerability where authenticated users can change their own password without providing the current password. Affected versions are 24.2 and 24.4. According to the sources, the vulnerability p...
Moderate: Red Hat Security Advisory: Red Hat Ansible Automation Platform 2.4 Product Security and Bug Fix Update
An update is now available for Red Hat Ansible Automation Platform 2.4 Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from th...
CGA-3272-4GP3-MP58
Bulletin has no description...
Exploit for Use of Hard-coded Credentials in Dlink Dns-320L_Firmware
Dinkleberry 🫐 Are you one of the 92,000+ people1 stuck with a...
D-Link DNS/DNR Devices Multiple Vulnerabilities (SAP10383) - Active Check
Multiple D-Link DNS and DNR devices are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPEPREFIX =...
CVE-2024-3272
creationtimestamp| type| source ---|---|--- 2024-04-08 13:56:56+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/6982 2024-04-09 08:20:54+00:00| exploited| https://t.me/thehackernews/4790 2024-04-09 08:44:03+00:00| exploited| https://t.me/KomunitiSiber/1750 2024-04-09 08:52:14+00:00|...
CVE-2024-3272 D-Link DNS-320L/DNS-325/DNS-327L/DNS-340L HTTP GET Request nas_sharing.cgi hard-coded credentials
UNSUPPORTED WHEN ASSIGNED A vulnerability, which was classified as very critical, has been found in D-Link DNS-320L, DNS-325, DNS-327L and DNS-340L up to 20240403. This issue affects some unknown processing of the file /cgi-bin/nassharing.cgi of the component HTTP GET Request Handler. The...
Rocky Linux 8 : jasper (RLSA-2021:4235)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2021:4235 advisory. - There's a flaw in jasper's jpc encoder in versions prior to 2.0.23. Crafted input provided to jasper by an attacker could cause an arbitrary...
CVE-2023-3272
Cleartext Transmission of Sensitive Information in the SICK ICR890-4 could allow a remote attacker to gather sensitive information by intercepting network traffic that is not encrypted...
CVE-2023-3272
The CVE-2023-3272 issue affects the SICK ICR890-4 track-and-trace system. The vulnerability arises from cleartext transmission of sensitive information over the network, exposing confidentiality (CVSS 7.5, HIGH) and enabling remote interception by an unauthenticated attacker. Connected documents ...