Lucene search
+L

366 matches found

vulnersOsv
vulnersOsv
added 2021/05/14 8:15 p.m.5 views

125softnlp (=0.0.1), a2 (>=0.10.11 <=0.10.13) +4695 more potentially affected by CVE-2021-29533 via tensorflow (>=1.0.1 <=2.2.0)

tensorflow PYPI version =1.0.1, =0.10.11, =0.1.0, =0.0.0, =0.6.0, =0.1.6, =1.0.0, =0.0.1, =0.2.0, =0.6.0, =0.1.0, =0.1.0, =0.2.0 and more Source cves: CVE-2021-29533 Source advisory: OSV:PYSEC-2021-170...

5.5CVSS5.9AI score0.00217EPSS
Exploits1
CNVD
CNVD
added 2021/04/15 12:0 a.m.8 views

D-Link DIR-816 Stack Buffer Overflow Vulnerability

The D-Link DIR-816 is a wireless AC750 dual-band router. A stack buffer overflow vulnerability exists in the handler function of /goform/addassignment in the D-Link DIR-816 A2 version 1.10 B05. An attacker can exploit the vulnerability by entering long text in the sip and smac fields to cause the...

9.8CVSS7.2AI score0.24552EPSS
Exploits1References1
OSV
OSV
added 2021/04/14 2:15 p.m.6 views

CVE-2021-27114

An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. Within the handler function of the /goform/addassignment route, a very long text entry for the"'sip" and "smac" fields could lead to a Stack-Based Buffer Overflow and overwrite the return address...

9.8CVSS7.3AI score0.24552EPSS
Exploits1References2
OSV
OSV
added 2021/04/14 2:15 p.m.5 views

CVE-2021-27113

An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRouting route. This could lead to Command Injection via Shell Metacharacters...

9.8CVSS7.3AI score0.03459EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/04/14 1:53 p.m.19 views

CVE-2021-27113

An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used in command string construction within the handler function of the /goform/addRouting route. This could lead to Command Injection via Shell Metacharacters...

9.9AI score0.03459EPSS
Exploits1References2
CNNVD
CNNVD
added 2021/04/14 12:0 a.m.6 views

D-Link DIR-816 A2 操作系统命令注入漏洞

The D-Link DIR-816 is a wireless AC750 dual-band router. A command injection vulnerability exists in the D-Link DIR-816 A2 version 1.10 B05. The vulnerability stems from the use of HTTP request parameters for command string construction in the handler function of /goform/addRouting. An attacker c...

10CVSS5.8AI score0.03459EPSS
Exploits1References3
CNVD
CNVD
added 2021/03/31 12:0 a.m.4 views

D-link DIR-816 A2 Remote Code Injection Vulnerability

The D-link DIR-816 A2 is a wireless AC750 dual-band router. A remote code injection vulnerability exists in the D-link DIR-816. The vulnerability stems from the availability of HTTP request parameters in the command string construction in the handler function of /goform/dirsetWanWifi. The...

10CVSS7.8AI score0.04905EPSS
Exploits1References1
OSV
OSV
added 2021/03/30 2:15 p.m.6 views

CVE-2021-26810

D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dirsetWanWifi, which can lead to command injection via shell metacharacters in the statuscheckpppoeuser paramet...

9.8CVSS6AI score0.04905EPSS
Exploits1References2
Cvelist
Cvelist
added 2021/03/30 1:27 p.m.26 views

CVE-2021-26810

D-link DIR-816 A2 v1.10 is affected by a remote code injection vulnerability. An HTTP request parameter can be used in command string construction in the handler function of the /goform/dirsetWanWifi, which can lead to command injection via shell metacharacters in the statuscheckpppoeuser paramet...

10AI score0.04905EPSS
Exploits1References2
CVE
CVE
added 2021/03/30 1:27 p.m.51 views

CVE-2021-26810

D-Link DIR-816 A2 (firmware v1.10) is affected by a remote code injection vulnerability tracked as CVE-2021-26810. The issue arises from HTTP request parameters used in command string construction within the /goform/dir_setWanWifi handler, enabling command injection via shell metacharacters in th...

10CVSS9.8AI score0.04905EPSS
Exploits1References2Affected Software1
vulnersOsv
vulnersOsv
added 2020/05/01 12:0 p.m.4 views

AitSar (=0.1.1), BeerHolderBot (>=0.1.0 <=0.3.6) +7766 more potentially affected by unknown CVE via net2 (=0.2.39)

net2 CARGO version =0.2.39 is affected by a known vulnerability. The following packages have a transitive dependency on net2 and may be impacted: - AitSar =0.1.1 - BeerHolderBot =0.1.0, =0.1.0, =0.1.0, =1.0.0, =0.0.2, =0.1.0, =0.1.0, =0.2.0, =0.5.3 and more Source cves: unknown CVE Source advisor...

5.7AI score
Exploits0
Hacker One
Hacker One
added 2020/02/18 1:44 p.m.71 views

WakaTime: Broken Authentication and session management OWASP A2

Hi, Security Team! i found vulnerability on https://wakatime.com/ Steps To Reproduce: 1. First log in into the account, website will create a session for current login. 2. Copy all Cookies and paste it on notepad. 3. Log out your account. 4. Open your chrome browser and right click on bookmark ba...

7.1AI score
Exploits0
CVE
CVE
added 2020/02/07 1:37 p.m.47 views

CVE-2013-1202

Cisco ACE A2(3.6) is affected by a log-retention Denial of Service vulnerability (CVE-2013-1202). The flaw occurs in the SSL logging daemon where logs are not rotated, exhausting disk space and leading to DoS. An unauthenticated, remote attacker could exploit by opening many SSL connections to th...

7.5CVSS7.5AI score0.01044EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2019/12/09 12:0 a.m.19 views

SYS.2.2.2.A2

Ziel des Bausteins SYS.2.2.2 ist der Schutz von Informationen, die durch und auf Windows 8.1-Clients verarbeiten werden. Die Basis-Anforderung Copyright C 2019 Greenbone Networks GmbH SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can redistribute it and/or modify it...

7.3AI score
Exploits0References1
CNVD
CNVD
added 2019/11/19 12:0 a.m.5 views

Xiaomi Mi A2 Lite Access Control Error Vulnerability

Xiaomi Mi A2 Lite is a smartphone from Chinese company Xiaomi Technology Xiaomi. A vulnerability in the Xiaomi Mi A2 Lite build fingerprint: xiaomi/jasmine/jasminesprout:9/PKQ1.180904.001/V10.0.2.0.PDIMIFJ:user/release-keys in the com.qualcomm An access control error vulnerability exists in the...

5.5CVSS6.7AI score0.00305EPSS
Exploits0References1
CNVD
CNVD
added 2019/11/19 12:0 a.m.5 views

Xiaomi Mi A2 Lite Access Control Error Vulnerability (CNVD-2019-41689)

Xiaomi Mi A2 Lite is a smartphone from Chinese company Xiaomi Technology Xiaomi. The Xiaomi Mi A2 Lite build fingerprint: xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys in the com.huaqin. An access control error vulnerability exists in the factory app. An attacker...

5.5CVSS6.8AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2019/11/14 5:15 p.m.11 views

CVE-2019-15473

The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/jasmine/jasminesprout:9/PKQ1.180904.001/V10.0.2.0.PDIMIFJ:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized...

5.5CVSS5.2AI score0.00305EPSS
Exploits0References1
NVD
NVD
added 2019/11/14 5:15 p.m.11 views

CVE-2019-15468

The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.huaqin.factory app versionCode=1, versionName=QL1715201812071953 that allows unauthorized wireles...

5.5CVSS5.3AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2019/11/14 5:15 p.m.10 views

CVE-2019-15472

The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphon...

5.5CVSS5.2AI score0.00336EPSS
Exploits0References1
Prion
Prion
added 2019/11/14 5:15 p.m.10 views

Design/Logic Flaw

The Xiaomi Mi A2 Lite Android device with a build fingerprint of xiaomi/daisy/daisysprout:9/PKQ1.180917.001/V10.0.3.0.PDLMIXM:user/release-keys contains a pre-installed app with a package name of com.qualcomm.qti.callenhancement app versionCode=28, versionName=9 that allows unauthorized microphon...

2.1CVSS5.2AI score0.00336EPSS
Exploits0References1
Rows per page
Query Builder