366 matches found
125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4695 more potentially affected by CVE-2021-29533 via tensorflow (>=1.0.1 <=2.2.0)
tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-29533 Source advisory: OSV:PYSEC-2021-170...
D-Link DIR-816 Stack Buffer Overflow Vulnerability
The D-Link DIR-816 is a wireless AC750 dual-band router. A stack buffer overflow vulnerability exists in the handler function of /goform/addassignment in the D-Link DIR-816 A2 version 1.10 B05. An attacker can exploit the vulnerability by entering long text in the sip and smac fields to cause the...
CVE-2021-27114
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'sip" and "smac" fields could lead to a Stack-Based Buffer Overflow and overwrite the return address...
CVE-2021-27113
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRouting route. This could lead to Command Injection via Shell Metacharacters...
CVE-2021-27113
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRouting route. This could lead to Command Injection via Shell Metacharacters...
D-Link DIR-816 A2 操作系统命令注入漏洞
The D-Link DIR-816 is a wireless AC750 dual-band router. A command injection vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05. The vulnerability stems from the use of HTTP request parameters for command string construction in the handler function of /goform/addRouting. An attacker c...
D-link DIR-816 A2 Remote Code Injection Vulnerability
The D-link DIR-816 A2 is a wireless AC750 dual-band router. A remote code injection vulnerability exists in the D-link DIR-816. The vulnerability stems from the availability of HTTP request parameters in the command string construction in the handler function of /goform/dirsetWanWifi. The...
CVE-2021-26810
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dirsetWanWifi, which can lead to command injection via shell metacharacters in the statuscheckpppoeuser paramet...
CVE-2021-26810
D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dirsetWanWifi, which can lead to command injection via shell metacharacters in the statuscheckpppoeuser paramet...
CVE-2021-26810
D-Link DIR-816 A2 (firmware v1.10) is affected by a remote code injection vulnerability tracked as CVE-2021-26810. The issue arises from HTTP request parameters used in command string construction within the /goform/dir_setWanWifi handler, enabling command injection via shell metacharacters in th...
AitSar (=0.1.1), BeerHolderBot (>=0.1.0 <=0.3.6) +7766 more potentially affected by unknown CVE via net2 (=0.2.39)
net2 CARGO version =0.2.39 is affected by a known vulnerability. The following packages have a transitive dependency on net2 and may be impacted: - AitSar =0.1.1 - BeerHolderBot =0.1.0, =0.1.0, =0.1.0, =1.0.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.5.3 and more Source cves: unknown CVE Source advisor...
WakaTime: Broken Authentication and session management OWASP A2
Hi, Security Team! i found vulnerability on https://wakatime.com/ Steps To Reproduce: 1. First log in into the account, website will create a session for current login. 2. Copy all Cookies and paste it on notepad. 3. Log out your account. 4. Open your chrome browser and right click on bookmark ba...
CVE-2013-1202
Cisco ACE A2(3.6) is affected by a log-retention Denial of Service vulnerability (CVE-2013-1202). The flaw occurs in the SSL logging daemon where logs are not rotated, exhausting disk space and leading to DoS. An unauthenticated, remote attacker could exploit by opening many SSL connections to th...
SYS.2.2.2.A2
Ziel des Bausteins SYS.2.2.2 ist der Schutz von Informationen, die durch und auf Windows 8.1-Clients verarbeiten werden. Die Basis-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...
Xiaomi Mi A2 Lite Access Control Error Vulnerability
Xiaomi Mi A2 Lite is a smartphone from Chinese company Xiaomi Technology Xiaomi. A vulnerability in the Xiaomi Mi A2 Lite build fingerprint: xiaomi/jasmine/jasminesprout:9/PKQ1.180904.001/V10.0.2.0.PDIMIFJ:user/release-keys in the com.qualcomm An access control error vulnerability exists in the...
Xiaomi Mi A2 Lite Access Control Error Vulnerability (CNVD-2019-41689)
Xiaomi Mi A2 Lite is a smartphone from Chinese company Xiaomi Technology Xiaomi. The Xiaomi Mi A2 Lite build fingerprint: xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys in the com.huaqin. An access control error vulnerability exists in the factory app. An attacker...
CVE-2019-15473
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/jasmine/jasminesprout:9/PKQ1.180904.001/V10.0.2.0.PDIMIFJ:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized...
CVE-2019-15468
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app versionCode=1, versionName=QL1715201812071953 that allows unauthorized wireles...
CVE-2019-15472
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphon...
Design/Logic Flaw
The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphon...