38 matches found
CVE-2024-25735
An issue was discovered on WyreStorm Apollo VX20 devices before 1.3.58. Remote attackers can discover cleartext passwords via a SoftAP /device/config GET request...
Franklin Fueling Systems TS-550 - Default Password Vulnerability
Exploit Title: Franklin Fueling Systems TS-550 - Exploit and Default Password Exploit Author: parsa rezaie khiabanloo Vendor Homepage: Franklin Fueling Systems http://www.franklinfueling.com/ Version: TS-550 Tested on: Linux/Androidtermux Step 1: An attacker can use these dorks and access to find...
DEBIAN-CVE-2022-45934
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets...
UBUNTU-CVE-2022-45934
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets...
Linux kernel Input Validation Error Vulnerability
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in Linux kernel version 6.0.10 and earlier, which stems from integer wrapping via L2CAP_CONF_REQ in its net/bluetooth/l2cap_core.c component...
CVE-2022-45934
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets...
DoorGets Cross-Site Request Forgery Vulnerability
DoorGets is a free and open source content management system. A cross-site request forgery vulnerability exists in /doorgets/app/requests/user/configurationRequest.php in doorGets 7.0. A remote attacker can exploit this vulnerability to modify "Google Analytics code"...
doorGets SQL Injection Vulnerability
DoorGets is a free and open source content management system. A SQL injection vulnerability exists in /doorgets/app/requests/user/configurationRequest.php in doorGets 7.0 at action=network. A user with remote backend administrator privileges or a user with Manage Network Configuration privileges...
CVE-2019-11621
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=network. A remote user with backend administrator privileges, or a user with permission to manage network configuration, could exploit the vulnerability to obtain database sensitive...
CVE-2019-11617
doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php. A remote attacker can exploit this vulnerability for "Google Analytics code" modification...
CVE-2019-11619
doorGets 7.0 has a SQL injection vulnerability in /doorgets/app/requests/user/configurationRequest.php when action=analytics. A remote user with backend administrator privileges, or a user with permission to manage configuration analytics, could exploit the vulnerability to obtain database sensitive...
Cross site request forgery (csrf)
doorGets 7.0 has a CSRF vulnerability in /doorgets/app/requests/user/configurationRequest.php. A remote attacker can exploit this vulnerability for "Google Analytics code" modification...
CVE-2019-10657
Grandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 devices allow remote authenticated users to discover passwords via a /ubus/uci.apply config request...
Command injection
In manager.c in ss-manager in shadowsocks-libev 3.1.0, improper parsing allows command injection via shell metacharacters in a JSON configuration request received via 127.0.0.1 UDP traffic, related to the add_server, build_config, and construct_command_line functions...
Teradata Gateway and TD Express Security Vulnerabilities
Teradata Gateway and TD Express are both products of Teradata Corporation. The former is a gateway product and the latter is a free database software. A security vulnerability exists in Teradata Gateway and TD Express. A remote attacker could exploit this vulnerability to cause a denial of servic...
Integer overflow
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical...
CVE-2011-2497
Integer underflow in the l2cap_config_req function in net/bluetooth/l2cap_core.c in the Linux kernel before 3.0 allows remote attackers to cause a denial of service (heap memory corruption) or possibly have unspecified other impact via a small command-size value within the command header of a Logical...
CVE-2005-0581
Multiple buffer overflows in Computer Associates CA License Client and Server 0.1.0.15 allow remote attackers to execute arbitrary code via (1) certain long fields in the Checksum item in a GCR request, (2) a long IP address, hostname, or netmask values in a GCR request, (3) a long last parameter in a...