
1307 matches found

NVD
added 2023/07/06 3:15 p.m. · 23 views

CVE-2023-25124

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 · AI score 7.5 · EPSS 0.01405
Exploits: 1 · References: 2
OSV
added 2023/07/06 3:15 p.m. · 4 views

CVE-2023-25107

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 · AI score 7.5 · EPSS 0.01318
Exploits: 1 · References: 2
OSV
added 2023/07/06 3:15 p.m. · 4 views

CVE-2023-25106

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 · AI score 6.3 · EPSS 0.01318
Exploits: 1 · References: 2
OSV
added 2023/07/06 3:15 p.m. · 4 views

CVE-2023-25112

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 · AI score 6.3 · EPSS 0.01318
Exploits: 1 · References: 2
OSV
added 2023/07/06 3:15 p.m. · 5 views

CVE-2023-25103

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 · AI score 6.3 · EPSS 0.01318
Exploits: 1 · References: 2
Cvelist
added 2023/07/06 2:53 p.m. · 21 views

CVE-2023-25124

Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary of Milesight UR32L v32.3.0.5 due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An attacker with high privileges can send HTTP requests to trigger these...

CVSS 7.2 · AI score 7.7 · EPSS 0.01405
Exploits: 1 · References: 1
Positive Technologies
added 2023/07/06 12:0 a.m. · 5 views

PT-2023-5081 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: The issue is caused by a buffer overflow vulnerability in the set openvpn client function of the Milesight UR32L router's firmware. This vulnerability can be exploited by a remote attacker to...

CVSS 8.3 · AI score 7.5 · EPSS 0.01318
Exploits: 1 · References: 5
Positive Technologies
added 2023/07/06 12:0 a.m. · 6 views

PT-2023-5172 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...

CVSS 8.3 · AI score 7.5 · EPSS 0.01318
Exploits: 1 · References: 7
Positive Technologies
added 2023/07/06 12:0 a.m. · 4 views

PT-2023-5143 · Milesight · Milesight Ur32L

Name of the Vulnerable Software and Affected Versions: Milesight UR32L version 32.3.0.5 Description: Multiple buffer overflow vulnerabilities exist in the vtysh_ubus binary due to the use of an unsafe sprintf pattern. A specially crafted HTTP request can lead to arbitrary code execution. An...

CVSS 9 · AI score 7.5 · EPSS 0.01318
Exploits: 1 · References: 6
OSV
added 2023/06/29 9:2 p.m. · 6 views

CLSA-2023-1688072526 Fix of 5 CVEs

CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set...

CVSS 7.8 · AI score 6.9 · EPSS 0.16642
Exploits: 8 · References: 1
OSV
added 2023/06/29 8:59 p.m. · 6 views

CLSA-2023-1688072342 Fix of 5 CVEs

CVE-2023-32233 // CVE-url: https://ubuntu.com/security/CVE-2023-32233 - netfilter: nf_tables: add nft_set_is_anonymous helper - netfilter: nf_tables: split set destruction in deactivate and destroy phase - netfilter: nf_tables: unbind set in rule from commit path - netfilter: nf_tables: fix set...

CVSS 7.8 · AI score 6.9 · EPSS 0.16642
Exploits: 8 · References: 1
OSSF Malicious Packages
added 2023/06/06 6:45 a.m. · 0 views

Malicious code in privacy-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 998f7e814713415fe18daae62e103985641b6e30054350c3832c42097800856d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 6.9
Exploits: 0 · References: 1
OSV
added 2023/06/06 6:45 a.m. · 8 views

MAL-2023-699 Malicious code in privacy-mask (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 998f7e814713415fe18daae62e103985641b6e30054350c3832c42097800856d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

AI score 7
Exploits: 0 · References: 1
CNNVD
added 2023/06/02 12:0 a.m. · 6 views

Mitsubishi Electric: security vulnerability in multiple products

The Mitsubishi Electric MELSEC iQ-R series and the Mitsubishi Electric MELSEC iQ-F series are both programmable logic controllers from Mitsubishi Electric Japan. A security vulnerability exists in several Mitsubishi Electric products, which is caused by a missing mask when entering a password fie...

CVSS 6.2 · AI score 6.4 · EPSS 0.00331
Exploits: 0 · References: 3
Positive Technologies
added 2023/05/26 12:0 a.m. · 4 views

PT-2023-24204 · Highlight · Highlight

Name of the Vulnerable Software and Affected Versions: Highlight versions prior to 6.0.0 Description: Highlight may record passwords on customer deployments when a password html input is switched to type="text" via a javascript "Show Password" button. This issue arises because the expected behavi...

CVSS 6.5 · AI score 6.3 · EPSS 0.00285
Exploits: 0 · References: 5
RedHat Linux
added 2023/05/16 8:56 a.m. · 2 views

kernel: sched/core: Do not requeue task on CPU excluded from cpus_mask

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: ...

CVSS 5.5 · AI score 6 · EPSS 0.00203
Exploits: 0 · References: 5
RedHat Linux
added 2023/05/16 8:56 a.m. · 10 views

kernel: udmabuf: Set the DMA mask for the udmabuf device (v2)

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device (v2) If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...

CVSS 5.5 · AI score 6.3 · EPSS 0.00197
Exploits: 0 · References: 5
AlmaLinux
added 2023/05/16 12:0 a.m. · 37 views

Moderate: dhcp security and bug fix update

The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp packages provide a relay agent and ISC DHCP service required to...

CVSS 6.5 · AI score 7 · EPSS 0.00664
Exploits: 0 · References: 6
RedHat Linux
added 2023/05/09 10:4 a.m. · 2 views

kernel: sched/core: Do not requeue task on CPU excluded from cpus_mask

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask The following warning was triggered on a large machine early in boot on a distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: ...

CVSS 5.5 · AI score 6 · EPSS 0.00203
Exploits: 0 · References: 5
RedHat Linux
added 2023/05/09 10:4 a.m. · 1 views

kernel: udmabuf: Set the DMA mask for the udmabuf device (v2)

In the Linux kernel, the following vulnerability has been resolved: udmabuf: Set the DMA mask for the udmabuf device (v2) If the DMA mask is not set explicitly, the following warning occurs when the userspace tries to access the dma-buf via the CPU as reported by syzbot here: WARNING: CPU: 1 PID:...

CVSS 5.5 · AI score 6.3 · EPSS 0.00197
Exploits: 0 · References: 5