Lucene search
K

256 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2022-2497

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.0.5, all versions starting from 15.1 before 15.1.4, all version...

8.5CVSS6.8AI score0.00971EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/08/10 11:14 a.m.9 views

CVE-2025-8748

MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A malicious HTTP request crafted by an authenticated user could allow the execution of arbitrary commands on the underlying operating system...

8.8CVSS7.5AI score0.01286EPSS
Exploits0References1
CVE
CVE
added 2025/08/08 11:9 a.m.14 views

CVE-2025-8748

MiR software versions prior to 3.0.0 are affected by a command injection vulnerability that allows an authenticated user to execute arbitrary OS commands via a crafted HTTP request. Affected product: MiR robots software. Root cause: inadequate input handling in HTTP request processing leading to ...

8.8CVSS7.2AI score0.01286EPSS
Exploits0References2
OSV
OSV
added 2025/06/26 2:15 p.m.4 views

UBUNTU-CVE-2025-6707

Under certain conditions, an authenticated user request may execute with stale privileges following an intentional change by an authorized administrator. This issue affects MongoDB Server v5.0 version prior to 5.0.31, MongoDB Server v6.0 version prior to 6.0.24, MongoDB Server v7.0 version prior ...

5.4CVSS5.8AI score0.00143EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 2:4 a.m.7 views

CVE-2023-6838

Reflected XSS vulnerability can be exploited by tampering a request parameter in Authentication Endpoint. This can be performed in both authenticated and unauthenticated requests...

6.1CVSS6.1AI score0.00433EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:16 a.m.8 views

CVE-2022-29238

Jupyter Notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.12, authenticated requests to the notebook server with ContentsManager.allowhidden = False only prevented listing the contents of hidden directories, not accessing individual hidden files or files...

4.3CVSS6.6AI score0.0103EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:22 p.m.6 views

CVE-2022-45724

Incorrect Access Control in Comfast router CF-WR6110N V2.3.1 allows a remote attacker on the same network to perform any HTTP request to an unauthenticated page to force the server to generate a SESSIONID, and using this SESSIONID an attacker can then perform authenticated requests...

5.4CVSS7AI score0.00504EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:32 p.m.8 views

CVE-2021-21915

An exploitable SQL injection vulnerability exist in the ‘grouplist’ page of the Advantech R-SeeNet 2.4.15 30.07.2021. A specially-crafted HTTP request at ‘companyfilter’ parameter. An attacker can make authenticated HTTP requests to trigger this vulnerability. This can be done as any authenticate...

8.8CVSS7.5AI score0.0138EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:31 p.m.5 views

CVE-2021-21876

Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An attacker can make authenticated HTTP requests to trigger this vulnerability...

9.1CVSS7.2AI score0.02694EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:33 p.m.12 views

CVE-2020-27242

An exploitable SQL injection vulnerability exists in ‘listImmoLabels.jsp’ page of OpenClinic GA 5.173.3 application. The immoLocation parameter in the ‘listImmoLabels.jsp’ page is vulnerable to authenticated SQL injection. An attacker can make an authenticated HTTP request to trigger this...

8.8CVSS7.9AI score0.00806EPSS
Exploits1
Snyk
Snyk
added 2025/03/03 5:41 p.m.2 views

Origin Validation Error

Overview rembg is a Remove image background Affected versions of this package are vulnerable to Origin Validation Error in the addmiddleware function in scommand.py, which reflects all origins by default. Due to the allowcredentials=True setting, an attacker can send authenticated cross-site...

8.7CVSS6.2AI score0.00179EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.3 views

CVE-2024-39802

Multiple buffer overflow vulnerabilities exist in the qos.cgi qossettings functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to stack-based buffer overflow. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A buffer...

7.2CVSS6.4AI score0.00845EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.6 views

CVE-2024-39798

Multiple external config control vulnerabilities exists in the openvpn.cgi openvpnserversetup functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these...

7.2CVSS7.5AI score0.0183EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.5 views

CVE-2024-39782

Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...

7.2CVSS6AI score0.03718EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.6 views

CVE-2024-39781

Multiple OS command injection vulnerabilities exist in the adm.cgi schreboot functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to a arbitrary code execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A command...

7.2CVSS6AI score0.04469EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.5 views

CVE-2024-39763

Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...

7.2CVSS6AI score0.04815EPSS
Exploits1References2
OSV
OSV
added 2025/01/14 3:15 p.m.5 views

CVE-2024-37186

An os command injection vulnerability exists in the adm.cgi setledonoff functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...

7.2CVSS6.1AI score0.22827EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.4 views

PT-2025-2543 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun functionality. This allows an attacker to execute arbitrary code by making a specially crafted HTTP...

9.1CVSS8.2AI score0.08248EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.8 views

PT-2025-2537 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: A buffer overflow issue exists in the qos.cgi qos sta settings functionality. This can be triggered by a specially crafted HTTP request, leading to a stack-based buffer overflow. An...

9.1CVSS7.3AI score0.01482EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.6 views

PT-2025-2572 · Wavlink · Wavlink Ac3000

Name of the Vulnerable Software and Affected Versions: Wavlink AC3000 version M33A8.V5030.210505 Description: Multiple external config control vulnerabilities exist in the nas.cgi set nas proftpd functionality. A specially crafted HTTP request can lead to permission bypass. An attacker can make a...

9.1CVSS7.5AI score0.01457EPSS
Exploits1References9
Rows per page
Query Builder