CVE-2025-48599

In multiple functions of WifiScanModeActivity.java, there is a possible way to bypass a device config restriction due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation...

CVE-2023-48599

creationtimestamp| type| source ---|---|--- 2024-01-06 15:26:48+00:00| seen| https://t.me/ctinow/163952...

CVE-2023-48599 Adobe Experience Manager | Cross-site Scripting (DOM-based XSS) (CWE-79)

Adobe Experience Manager versions 6.5.18 and earlier are affected by a Cross-site Scripting DOM-based XSS vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the...

CVE-2022-48599

creationtimestamp| type| source ---|---|--- 2023-08-09 22:15:30+00:00| seen| https://t.me/cibsecurity/68125...

CVE-2022-48599

ScienceLogic SL1 is affected by a SQL injection in the reporter events type feature, where unsanitized user input is passed directly into a SQL query. The vulnerability arises from improper input handling in the reporter events type function, enabling arbitrary SQL execution against the database....

PT-2022-4062 · Dd-Wrt · Dd-Wrt

Name of the Vulnerable Software and Affected Versions: DD-WRT versions Revision 32270 through Revision 48599 Description: The issue is related to insufficient input validation in the httpd module of DD-WRT, which can be exploited by sending a specially-crafted HTTP request to execute arbitrary...

DD-WRT 缓冲区错误漏洞

DD-WRT is a Linux-based alternative open source firmware to DD-WRT Open Source. It is suitable for use in a variety of WLAN routers and embedded systems. A buffer error vulnerability exists in DD-WRT revisions 32270 through 48599 that stems from a specially crafted HTTP request that could result ...