Lucene search
K

98 matches found

BDU FSTEC
BDU FSTEC
added 2022/12/09 12:0 a.m.7 views

The vulnerability of D-Link DIR-823G router microprogramming software arises from the lack of measures taken to neutralize the special elements used in the operating system’s command set. This vulnerability allows a hacker to execute arbitrary operating system commands.

The vulnerability of the D-Link DIR-823G router’s microprogramming software exists due to the lack of measures taken to neutralize the special elements used in the operating system commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary operating system commands usin...

10CVSS8.1AI score0.03826EPSS
Exploits1References5Affected Software1
OSV
OSV
added 2022/09/15 3:15 p.m.3 views

CVE-2022-3001

This vulnerability exists in Milesight Video Management Systems VMS, all firmware versions prior to 40.7.0.79-r1, due to improper input handling at camera’s web-based management interface. A remote attacker could exploit this vulnerability by sending a specially crafted http request on the target...

7.5CVSS5.9AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2022/08/31 2:55 p.m.5 views

CVE-2022-36035 Flux CLI Workload Injection

Flux is a tool for keeping Kubernetes clusters in sync with sources of configuration like Git repositories, and automating updates to configuration when there is new code to deploy. Flux CLI allows users to deploy Flux components into a Kubernetes cluster via command-line. The vulnerability allow...

7.7CVSS7.8AI score0.00306EPSS
Exploits0References2
OSV
OSV
added 2022/07/20 2:48 p.m.3 views

USN-5272-1 hdf5 vulnerabilities

It was discovered that HDF5 incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS7.3AI score0.01972EPSS
Exploits3References4
Positive Technologies
Positive Technologies
added 2022/07/18 12:0 a.m.4 views

PT-2022-20575 · Jquery +5 · Jquery Ui +5

Name of the Vulnerable Software and Affected Versions: jQuery UI versions prior to 1.13.2 Moodle versions prior to 3.11.17-alt1 Description: jQuery UI, a collection of user interface interactions, effects, widgets, and themes built on jQuery, is susceptible to a cross-site scripting XSS issue...

8CVSS6AI score0.44515EPSS
Exploits6References61
OSV
OSV
added 2022/07/14 12:2 p.m.3 views

USN-5519-1 python2.7, python3.10, python3.4, python3.5, python3.6, python3.8, python3.9 vulnerability

It was discovered that Python incorrectly handled certain inputs. An attacker could possibly use this issue to execute arbitrary code...

8CVSS7.1AI score0.07017EPSS
Exploits1References2
OSV
OSV
added 2022/02/08 10:24 p.m.3 views

USN-5159-1 node-bl vulnerability

It was discovered that bl incorrectly handled certain inputs. An attacker could possibly use this issue to cause a denial of service...

6.5CVSS6.8AI score0.02183EPSS
Exploits1References2
OSV
OSV
added 2022/02/08 12:17 p.m.6 views

USN-4754-5 python2.7 vulnerability

USN-4754-1 fixed vulnerabilities in Python. Because of a regression, a subsequent update removed the fix for CVE-2021-3177. This update reinstates the security fix for CVE-2021-3177 in Ubuntu 14.04 ESM. Original advisory details: It was discovered that Python incorrectly handled certain inputs. A...

9.8CVSS7.1AI score0.23293EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2022/01/25 12:0 a.m.7 views

The vulnerability of NETGEAR Wi-Fi router software, including models RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, stems from insufficient cleaning of input data, allowing attackers to execute arbitrary commands.

The vulnerability of NETGEAR Wi-Fi router software, including models RBK752, RBR750, RBS750, RBK852, RBR850, and RBS850, is related to insufficient cleaning of input data. Exploiting this vulnerability can allow a remote attacker to execute arbitrary commands...

10CVSS8.1AI score0.02063EPSS
Exploits0References3Affected Software33
OSV
OSV
added 2020/08/27 3:45 p.m.1 views

USN-4476-1 nss vulnerability

It was discovered that NSS incorrectly handled some inputs. An attacker could possibly use this issue to expose sensitive information...

9.1CVSS7.1AI score0.01541EPSS
Exploits0References2
OSV
OSV
added 2019/09/06 9:9 p.m.7 views

MGASA-2019-0246 Updated monit packages fix security vulnerabilities

Updated monit package fixes security vulnerabilities: Zack Flack discovered that Monit incorrectly handled certain input. A remote authenticated user could exploit this to conduct cross-site scripting XSS attacks CVE-2019-11454. Zack Flack discovered a buffer overread when Monit decoded certain...

8.1CVSS6.8AI score0.03138EPSS
Exploits2References3
securityvulns
securityvulns
added 2008/09/01 12:0 a.m.80 views

[Advisory] Invision Power Board <= 2.3.5 Multiple Vulnerabilities and Security Bypass

Title: Invision Power Board = 2.3.5 Multiple Vulnerabilities and Security Bypass Vendor: http://www.invisionpower.com/community/board/ Advisory: http://acid-root.new.fr/?0:18 Author: DarkFig gmdarkfig at gmail dot com Released on: 2008/08/29 Changelog: 2008/08/29 Summary: Introduction Blind SQL...

0.2AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2004/09/29 12:0 a.m.22 views

Debian DSA-144-1 : wwwoffle - improper input handling

A problem with wwwoffle has been discovered. The web proxy didn't handle input data with negative Content-Length settings properly which causes the processing child to crash. It is at this time not obvious how this can lead to an exploitable vulnerability; however, it's better to be safe than...

7.5CVSS5.3AI score0.04052EPSS
Exploits0References2
exploitpack
exploitpack
added 2003/10/22 12:0 a.m.15 views

DansGuardian 2.2.x - Denied URL Cross-Site Scripting

DansGuardian 2.2.x - Denied URL Cross-Site Scripting source: https://www.securityfocus.com/bid/8876/info A problem has been reported in the handling of some types of input to DansGuardian. This problem may permit an attacker to launch cross-site scripting attacks...

6.8AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/20 12:0 a.m.22 views

Tutos 1.1 - 'File_Select.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/8011/info It has been reported that Tutos does not properly handle input to the fileselect script. Because of this, an attacker may be able to execute code in the browser of another user with the privileges of the vulnerable site...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/06/20 12:0 a.m.22 views

Tutos 1.1 - File_New Arbitrary File Upload

source: https://www.securityfocus.com/bid/8012/info It has been reported that Tutos does not properly handle input to the filenew script. Because of this, an attacker may be able to upload arbitrary files to a vulnerable site. We can upload via...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2003/01/11 12:0 a.m.22 views

Xynph FTP Server 1.0 - Directory Traversal

source: https://www.securityfocus.com/bid/6587/info A problem with the handling of input has been reported in Xynph FTP Server. Under some circumstances, it may be possible for a remote user to escape the FTP root directory using relative path notation. This could allow unauthorized access to...

7.4AI score
Exploits0
Debian
Debian
added 2002/08/06 9:7 a.m.41 views

[SECURITY] [DSA 144-1] New wwwoffle packages fix security related problems

-------------------------------------------------------------------------- Debian Security Advisory DSA 144-1 [email protected] http://www.debian.org/security/ Martin Schulze August 6th, 2002 - -------------------------------------------------------------------------- Package : wwwoffle...

7.5CVSS6.1AI score0.04052EPSS
Exploits0
Rows per page
Query Builder