Lucene search
K

44 matches found

CNNVD
CNNVD
added 2026/06/09 12:0 a.m.15 views

TOTOLINK EX200 安全漏洞

TOTOLINK EX200 is a 2.4G wireless N range extender from TOTOLINK Corporation. It is designed to expand the coverage of an existing Wi-Fi network. The TOTOLINK EX200 version 4.0.3c.7646 contains a security vulnerability. This vulnerability stems from a minor permission violation in the vsftpd.conf...

6.9CVSS5.7AI score0.00285EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.16 views

PT-2026-47632

A security flaw has been discovered in TOTOLINK EX200 4.0.3c.7646. This affects an unknown function of the file /etc/vsftpd.conf of the component vsftpd. The manipulation results in least privilege violation. It is possible to launch the attack remotely. The exploit has been released to the publi...

6.9CVSS5.5AI score0.00285EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2026/01/20 12:0 a.m.6 views

MiracleLinux 8 : opencryptoki-3.21.0-10.el8_9.ML.1 (AXSA:2024-7646:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2024-7646:02 advisory. opencryptoki: timing side-channel in handling of RSA PKCS1 v1.5 padded ciphertexts Marvin CVE-2024-0914 Tenable has extracted the preceding description block...

5.9CVSS5.6AI score0.00878EPSS
Exploits0References2
OSV
OSV
added 2025/08/14 6:52 p.m.2 views

MAL-2025-7646 Malicious code in @crabas0npm2/dolorum-excepturi-temporibus (npm)

The package @crabas0npm2/dolorum-excepturi-temporibus was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/10 8:42 a.m.1 views

MINI-739W-9WGV-7646

Bulletin has no description...

5.8CVSS7.2AI score0.02879EPSS
Exploits0
Circl
Circl
added 2025/08/01 7:47 a.m.4 views

CVE-2025-7646

creationtimestamp| type| source ---|---|--- 2025-08-01 07:47:15+00:00| seen| Telegram/yFl9mA2aTv6PxBTC8vB4Y3Cf5kij5ahrR6RKvfHA-0NuUpY...

6.4CVSS4.8AI score0.00221EPSS
Exploits0
NVD
NVD
added 2025/08/01 7:15 a.m.3 views

CVE-2025-7646

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom script parameter in all versions up to, and including, 6.3.10 even when the user does not have the unfilteredhtml...

6.4CVSS0.00221EPSS
Exploits0References2
CVE
CVE
added 2025/08/01 6:44 a.m.26 views

CVE-2025-7646

The CVE-2025-7646 entry concerns The Plus Addons for Elementor Page Builder (Lite) for WordPress. The vulnerability is a Stored Cross-Site Scripting (XSS) in the plugin’s custom script parameter affecting all versions up to 6.3.10. An authenticated attacker with Contributor-level access or higher...

6.4CVSS5.5AI score0.00221EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/01 6:44 a.m.8 views

CVE-2025-7646 The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce <= 6.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting

The The Plus Addons for Elementor – Elementor Addons, Page Templates, Widgets, Mega Menu, WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the custom script parameter in all versions up to, and including, 6.3.10 even when the user does not have the unfilteredhtml...

6.4CVSS0.00221EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/07/31 10:0 p.m.7 views

WordPress The Plus Addons for Elementor Page Builder Lite plugin <= 6.3.10 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by zer0gh0st in WordPress Plugin The Plus Addons for Elementor Page Builder Lite versions = 6.3.10...

6.4CVSS5.2AI score0.00221EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 3:7 p.m.7 views

CVE-2020-7646

curlrequest through 1.0.1 allows reading any file by populating the file parameter with user input...

9.8CVSS6.8AI score0.01884EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:5 p.m.9 views

CVE-2024-7646

A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects in the networking.k8s.io or extensions API group can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default...

8.8CVSS7.2AI score0.27018EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2025/01/28 10:8 p.m.21 views

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Kubernetes ingress-nginx (CVE-2024-7646)

Summary A vulnerability in Kubernetes ingress-nginx that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-7646 DESCRIPTION: Kubernetes ingress-nginx could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an...

8.8CVSS7.4AI score0.27018EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2024/10/28 7:37 p.m.38 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Nginx Vulnerability Details CVEID:CVE-2024-7646 DESCRIPTION: Kubernetes ingress-nginx could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an annotation validatio...

8.8CVSS7.9AI score0.27018EPSS
Exploits0Affected Software1
Tenable Nessus
Tenable Nessus
added 2024/10/03 12:0 a.m.18 views

RHEL 8 : firefox (RHSA-2024:7646)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:7646 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. Security Fixes: firefox:...

9.8CVSS7.5AI score0.00738EPSS
Exploits0References25
OSV
OSV
added 2024/08/19 5:26 p.m.43 views

GO-2024-3075 CVE-2024-7646 in github.com/kubernetes/ingress-nginx

CVE-2024-7646 in github.com/kubernetes/ingress-nginx. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the...

8.8CVSS8.6AI score0.27018EPSS
Exploits0References5
Circl
Circl
added 2024/08/16 9:14 p.m.13 views

CVE-2024-7646

creationtimestamp| type| source ---|---|--- 2024-08-16 21:14:48+00:00| seen| https://t.me/cvedetector/3354 2024-08-17 14:16:54+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8282 2024-08-17 14:46:06+00:00| published-proof-of-concept| https://t.me/GithubRedTeam/8283 2024-08-18...

8.8CVSS7.5AI score0.27018EPSS
Exploits0References12
Cvelist
Cvelist
added 2024/08/16 5:36 p.m.329 views

CVE-2024-7646

A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects in the networking.k8s.io or extensions API group can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default...

8.8CVSS0.27018EPSS
Exploits0References4
OSV
OSV
added 2024/04/08 1:15 p.m.3 views

CVE-2024-31817

In TOTOLINK EX200 V4.0.3c.7646B20201211, an attacker can obtain sensitive information without authorization through the function getSysStatusCfg...

7.5CVSS5.8AI score0.5534EPSS
Exploits1References1
OSV
OSV
added 2024/04/08 1:15 p.m.3 views

CVE-2024-31814

TOTOLINK EX200 V4.0.3c.7646B20201211 allows attackers to bypass login through the FormLogin function...

8.8CVSS5.8AI score0.08567EPSS
Exploits1References1
Rows per page
Query Builder