Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3632 matches found

NVD
NVDadded 2024/04/09 3:15 p.m.12 views

CVE-2023-48724

A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an...

7.5CVSS7.7AI score0.01496EPSS
Exploits1References2
Cvelist
Cvelistadded 2024/04/09 2:12 p.m.18 views

CVE-2023-48724

A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an...

7.5CVSS7.8AI score0.01496EPSS
Exploits1References1
CVE
CVEadded 2024/04/09 2:12 p.m.45 views

CVE-2023-48724

CVE-2023-48724 affects the TP-Link AC1350 Wireless MU-MIMO G igabit Access Point (EAP225 V3), affected firmware v5.1.0 Build 20220926. Talos reports a memory corruption bug in the web interface (httpd_portal) caused by parsing x-www-form-urlencoded POST parameters in the web UI, leading to a deni...

7.5CVSS8.1AI score0.01496EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichmentadded 2024/04/09 2:12 p.m.14 views

CVE-2023-48724

A memory corruption vulnerability exists in the web interface functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted HTTP POST request can lead to denial of service of the device's web interface. An attacker can send an...

7.5CVSS7.1AI score0.01496EPSS
Exploits1References1
RedhatCVE
RedhatCVEadded 2024/04/03 12:18 p.m.70 views

CVE-2024-29025

A flaw was found in the io.netty:netty-codec-http package. Affected versions of this package are vulnerable to Allocation of Resources Without Limits or Throttling issues due to the accumulation of data in the HttpPostRequestDecoder. The decoder cumulates bytes in the undecodedChunk buffer until ...

5.3CVSS5.4AI score0.0138EPSS
Exploits1References7
Positive Technologies
Positive Technologiesadded 2024/03/28 12:0 a.m.3 views

PT-2024-2465 · Tenda · Tenda Fh1202

Name of the Vulnerable Software and Affected Versions: Tenda FH1202 version 1.2.0.14408 Description: The issue is related to a stack overflow vulnerability in the fromAddressNat function, specifically in the page parameter. This vulnerability can be exploited by a remote attacker using a speciall...

9CVSS7.5AI score0.00689EPSS
Exploits1References5
NVD
NVDadded 2024/03/26 9:15 p.m.17 views

CVE-2024-2910

A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...

8.8CVSS6.9AI score0.03747EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/03/26 9:0 p.m.13 views

CVE-2024-2910 Ruijie RG-EG350 HTTP POST Request vpnAction os command injection

A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...

6.5CVSS7.4AI score0.03747EPSS
Exploits0References4
CVE
CVEadded 2024/03/26 9:0 p.m.56 views

CVE-2024-2910

CVE-2024-2910 affects Ruijie RG-EG350 (pre-20240318) in the VPN quick set service. The vulnerable component is the HTTP POST handler function vpnAction in the file /itbox_pi/vpn_quickset_service.php?a=set_vpn. By manipulating arguments ip, port, user, pass, dns, or startIp, an attacker can trigge...

8.8CVSS6.9AI score0.03747EPSS
Exploits0References4Affected Software1
Cvelist
Cvelistadded 2024/03/26 9:0 p.m.25 views

CVE-2024-2910 Ruijie RG-EG350 HTTP POST Request vpnAction os command injection

A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to 20240318. Affected by this issue is the function vpnAction of the file /itboxpi/vpnquicksetservice.php?a=setvpn of the component HTTP POST Request Handler. The manipulation of the argument...

6.5CVSS7.1AI score0.03747EPSS
Exploits0References4
Vulnrichment
Vulnrichmentadded 2024/03/26 9:0 p.m.16 views

CVE-2024-2909 Ruijie RG-EG350 HTTP POST Request setAction os command injection

A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by this vulnerability is the function setAction of the file /itboxpi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads to os command...

9CVSS7.4AI score0.03987EPSS
Exploits0References4
Cvelist
Cvelistadded 2024/03/26 9:0 p.m.23 views

CVE-2024-2909 Ruijie RG-EG350 HTTP POST Request setAction os command injection

A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by this vulnerability is the function setAction of the file /itboxpi/networksafe.php?a=set of the component HTTP POST Request Handler. The manipulation of the argument bandwidth leads to os command...

9CVSS9.3AI score0.03987EPSS
Exploits0References4
CVE
CVEadded 2024/03/26 9:0 p.m.76 views

CVE-2024-2909

CVE-2024-2909 affects Ruijie RG-EG350 up to 20240318. The vulnerability resides in the HTTP POST Request Handler function setAction (file /itbox_pi/networksafe.php?a=set) where manipulation of the bandwidth argument enables OS command injection. It can be exploited remotely; multiple sources conf...

9CVSS9.2AI score0.03987EPSS
Exploits0References4Affected Software1
OSV
OSVadded 2024/03/15 6:30 p.m.3 views

GHSA-99WG-VMVQ-2CP5 RaspAP Vulnerable to Code Injection via an Unknown Process in File `includes/provider.php`

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

4.7CVSS7.4AI score0.00907EPSS
Exploits1References5
NVD
NVDadded 2024/03/15 5:15 p.m.13 views

CVE-2024-2497

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

7.2CVSS5.3AI score0.00907EPSS
Exploits1References3
OSV
OSVadded 2024/03/15 5:15 p.m.7 views

CVE-2024-2497

A vulnerability was found in RaspAP raspap-webgui 3.0.9 and classified as critical. This issue affects some unknown processing of the file includes/provider.php of the component HTTP POST Request Handler. The manipulation of the argument country leads to code injection. The attack may be initiate...

7.2CVSS7.4AI score
Exploits0References3
CVE
CVEadded 2024/03/15 5:0 p.m.61 views

CVE-2024-2497

RaspAP raspap-webgui 3.0.9 contains a code injection vulnerability in includes/provider.php via the HTTP POST parameter country, enabling remote code execution. Exploitation is possible over the network and public disclosures exist. A remediation is available: upgrade to billz/raspap-webgui 3.1.0...

7.2CVSS5.3AI score0.00907EPSS
Exploits1References3Affected Software1
NVD
NVDadded 2024/03/15 7:15 a.m.18 views

CVE-2024-2482

A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /checkavailability.php of the component HTTP POST Request Handler. The manipulation of the argument oldpassword lea...

3.7CVSS4.3AI score0.00828EPSS
Exploits1References3
Vulnrichment
Vulnrichmentadded 2024/03/15 6:31 a.m.12 views

CVE-2024-2482 Surya2Developer Hostel Management Service HTTP POST Request check_availability.php observable response discrepancy

A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /checkavailability.php of the component HTTP POST Request Handler. The manipulation of the argument oldpassword lea...

3.7CVSS6.9AI score0.00828EPSS
Exploits1References3
Cvelist
Cvelistadded 2024/03/15 6:31 a.m.27 views

CVE-2024-2482 Surya2Developer Hostel Management Service HTTP POST Request check_availability.php observable response discrepancy

A vulnerability has been found in Surya2Developer Hostel Management Service 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /checkavailability.php of the component HTTP POST Request Handler. The manipulation of the argument oldpassword lea...

3.7CVSS4.8AI score0.00828EPSS
Exploits1References3
Rows per page
Query Builder