15 matches found
CVE-2022-37843
In TOTOLINK A860R V4.1.2cu.5182B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability...
BELL-CVE-2025-37843
Bulletin has no description...
CVE-2025-37843 PCI: pciehp: Avoid unnecessary device replacement check
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pcilockrescanremove, then...
CVE-2025-37843
In the Linux kernel, the following vulnerability has been resolved: PCI: pciehp: Avoid unnecessary device replacement check Hot-removal of nested PCI hotplug ports suffers from a long-standing race condition which can lead to a deadlock: A parent hotplug port acquires pcilockrescanremove, then...
CVE-2025-37843
CVE-2025-37843 : In the Linux kernel, a race between parent and child PCI hotplug ports can deadlock during nested PCI hotplug removal. A fix was implemented to avoid extra checks when the hotplug port itself was hot-removed, preventing the deadlock (particularly when removing multiple Thunderbol...
CVE-2021-37843
The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known i.e., no other authentication is provided. The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; for Bitbucket 2.5.9, 3.6....
CVE-2024-37843
Craft CMS
CVE-2024-37843
creationtimestamp| type| source ---|---|--- 2024-06-18 02:30:04+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/7693 2024-08-02 17:15:54+00:00| published-proof-of-concept| https://t.me/CNArsenal/2941 2024-08-04 10:54:02+00:00| published-proof-of-concept| https://t.me/HackerArsenal/1...
CVE-2022-37843
creationtimestamp| type| source ---|---|--- 2022-09-06 20:13:32+00:00| seen| https://t.me/cibsecurity/49321...
CVE-2022-37843
In TOTOLINK A860R V4.1.2cu.5182B20201027 in cstecgi.cgi, the acquired parameters are directly put into the system for execution without filtering, resulting in a command injection vulnerability...
CVE-2022-37843
CVE-2022-37843 affects TOTOLINK A860R with firmware 4.1.2cu.5182_B20201027, where cstecgi.cgi executes acquired parameters directly without filtering, enabling command injection. Root cause: unfiltered parameter handling leading to code execution. Documented impact values indicate high confidenti...
CVE-2021-37843
creationtimestamp| type| source ---|---|--- 2021-08-02 22:27:54+00:00| seen| https://t.me/cibsecurity/26700...
CVE-2021-37843
The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known i.e., no other authentication is provided. The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; for Bitbucket 2.5.9, 3.6....
CVE-2021-37843
The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known i.e., no other authentication is provided. The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; for Bitbucket 2.5.9, 3.6....
CVE-2021-37843
The CVE-2021-37843 issue affects Atlassian SAML SSO apps and allows a remote attacker to login to a user account knowing only the username (no additional authentication). Fixed versions include Jira: 3.6.6.1, 4.0.12, 5.0.5; Confluence: 3.6.6, 4.0.12, 5.0.5; Bitbucket: 2.5.9, 3.6.6, 4.0.12, 5.0.5;...