636 matches found
CVE-2024-12105
In WhatsUp Gold versions released before 2024.0.2, an authenticated user can use a specially crafted HTTP request that can lead to information disclosure...
CVE-2024-37606
A Stack overflow vulnerability in D-Link DCS-932L REVBFIRMWARE2.18.01 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-37605
A NULL pointer dereference in D-Link DIR-860L REVBFIRMWARE2.04.B04ic5b allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-37607
A Buffer overflow vulnerability in D-Link DAP-2555 REVAFIRMWARE1.20 allows remote attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-37605
A NULL pointer dereference in D-Link DIR-860L REVBFIRMWARE2.04.B04ic5b allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-36831
A NULL pointer dereference in the pluginscallhandleuriclean function of D-Link DAP-1520 REVAFIRMWARE1.10B04BETA02HOTFIX allows attackers to cause a Denial of Service DoS via a crafted HTTP request without authentication...
CVE-2024-37605
A NULL pointer dereference in D-Link DIR-860L REVBFIRMWARE2.04.B04ic5b allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-37605
A NULL pointer dereference in D-Link DIR-860L REVBFIRMWARE2.04.B04ic5b allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-37606
A Stack overflow vulnerability in D-Link DCS-932L REVBFIRMWARE2.18.01 allows attackers to cause a Denial of Service DoS via a crafted HTTP request...
CVE-2024-37606
CVE-2024-37606 affects D-Link DCS-932L REVB firmware (2.18.01). The vulnerability is a stack/buffer overflow in the alphapd component that can be triggered by a crafted HTTP request, leading to Denial of Service. The issue is documented across multiple sources (NVD/NVD-derived listings, CNVD, Red...
CVE-2024-36831
A NULL pointer dereference in the pluginscallhandleuriclean function of D-Link DAP-1520 REVAFIRMWARE1.10B04BETA02HOTFIX allows attackers to cause a Denial of Service DoS via a crafted HTTP request without authentication...
CVE-2024-36831
D-Link DAP-1520 REVA_FIRMWARE_1.10B04_BETA02_HOTFIX is affected by a NULL pointer dereference in the plugins_call_handle_uri_clean function, enabling a remote attacker to cause a Denial of Service (DoS) via a crafted HTTP request without authentication. The issue is reported across multiple sourc...
CVE-2024-8525 Automated Logic WebCTRL and Carrier i-Vu Unrestricted File Upload
An unrestricted upload of file with dangerous type in Automated Logic WebCTRL 7.0 could allow an unauthenticated user to perform remote command execution via a crafted HTTP POST request which could lead to uploading a malicious file...
CVE-2023-49952
Mastodon 4.1.x before 4.1.17 and 4.2.x before 4.2.9 allows a bypass of rate limiting via a crafted HTTP request header...
CVE-2024-20476
A vulnerability in the web-based management interface of Cisco ISE could allow an authenticated, remote attacker to bypass the authorization mechanisms for specific file management functions. This vulnerability is due to lack of server-side validation of Administrator permissions. An attacker cou...
GHSA-25PW-Q952-X37G Duplicate Advisory: pyload-ng vulnerable to RCE with js2py sandbox escape
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-r9pp-r4xf-597r. This link is maintained to preserve external references. Original Description An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via...
CVE-2024-39205
An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request...
CVE-2024-39205
An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request...
CVE-2024-39205
An issue in pyload-ng v0.5.0b3.dev85 running under python3.11 or below allows attackers to execute arbitrary code via a crafted HTTP request...
Sharp MFP 安全漏洞
Sharp MFP is a series of multifunction printers from Sharp Japan. A security vulnerability exists in Sharp MFP that stems from mishandling of keyword search inputs and SOAP messages, contains multiple out-of-bounds read vulnerabilities, and a carefully crafted HTTP request could cause the affecte...