
6340 matches found

VulnCheck KEV
added 2023/12/25 12:00 a.m. | 1 view

VulnCheck KEV: CVE-2020-29597

IncomCMS 2.0 has a modules/uploader/showcase/script.php insecure file upload vulnerability. This vulnerability allows unauthenticated attackers to upload files into the server...

CVSS 9.8 | AI score 7.3 | EPSS 0.71666
Exploits: 3 | References: 1
OSV
added 2023/12/22 11:06 a.m. | 4 views

OESA-2023-1935 golang security update

Security Fixes: A malicious HTTP sender can use chunk extensions to cause a receiver reading from a request or response body to read many more bytes from the network than are in the body. A malicious HTTP client can further exploit this to cause a server to automatically read a large amount of...

CVSS 7.5 | AI score 5.1 | EPSS 0.01208
Exploits: 0 | References: 3
BDU FSTEC
added 2023/12/22 12:00 a.m. | 13 views

The vulnerability of 5G MediaTek wireless communication modules, related to insufficient validation of input data, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules by MediaTek is related to insufficient verification of input data. Exploiting this vulnerability can allow a remote attacker to cause service failures...

CVSS 7.8 | AI score 7.2 | EPSS 0.01082
Exploits: 0 | References: 2
Fedora
added 2023/12/20 1:25 a.m. | 32 views

[SECURITY] Fedora 39 Update: ansible-core-2.16.2-1.fc39

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

CVSS 7.8 | AI score 7.4 | EPSS 0.00539
Exploits: 0
Fedora
added 2023/12/20 1:25 a.m. | 26 views

[SECURITY] Fedora 39 Update: ansible-9.1.0-1.fc39

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

CVSS 7.8 | AI score 7.7 | EPSS 0.00539
Exploits: 0
BDU FSTEC
added 2023/12/19 12:00 a.m. | 4 views

The vulnerability of the web server of the microprogramming software for communication modules of SIMATIC CP, SIPLUS NET CP 1543-1, and the servo drive system SINAMICS S210 allows an intruder to cause service interruptions.

The vulnerability of the web server of the microprogramming software for communication modules of SIMATIC CP, SIPLUS NET CP 1543-1, and the servo drive system SINAMICS S210 is related to the lack of a mechanism for releasing memory. Exploiting this vulnerability could allow an attacker, operating...

CVSS 7.8 | AI score 7.2 | EPSS 0.00956
Exploits: 0 | References: 2
Fedora
added 2023/12/17 1:43 a.m. | 49 views

[SECURITY] Fedora 38 Update: perl-5.36.3-498.fc38

Perl is a high-level programming language with roots in C, sed, awk and shell scripting. Perl is good at handling processes and files, and is especially good at handling text. Perl's hallmarks are practicality and efficiency. While it is used to do a lot of different things, Perl's most common...

CVSS 7.8 | AI score 7.3 | EPSS 0.00832
Exploits: 0
CNNVD
added 2023/12/14 12:00 a.m. | 2 views

Pluck security vulnerability

Pluck is a content management system (CMS) developed using the PHP language. An arbitrary file upload vulnerability exists in Pluck version v4.7.18, which stems from the lack of proper validation of uploaded files in component /inc/modulesinstall.php. An attacker can exploit this vulnerability to...

CVSS 8.8 | AI score 7.8 | EPSS 0.29069
Exploits: 11 | References: 2
Positive Technologies
added 2023/12/14 12:00 a.m. | 6 views

PT-2023-31588 · Pluck Cms · Pluck Cms

Name of the Vulnerable Software and Affected Versions: Pluck-CMS version 4.7.18 Description: The issue is related to an arbitrary file upload vulnerability in the /inc/modules install.php component. This vulnerability allows attackers to execute arbitrary code by uploading a crafted ZIP file...

CVSS 8.8 | AI score 7.7 | EPSS 0.29069
Exploits: 11 | References: 8
NVD
added 2023/12/12 2:15 a.m. | 29 views

CVE-2023-49587

SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...

CVSS 6.4 | EPSS 0.00408
Exploits: 0 | References: 2
Vulnrichment
added 2023/12/12 1:35 a.m. | 6 views

CVE-2023-49587 Command Injection vulnerability in SAP Solution Manager

SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated function modules which can read or modify data of same or other component without user interaction over the network...

CVSS 6.4 | AI score 7 | EPSS 0.00408
Exploits: 0 | References: 2
BDU FSTEC
added 2023/12/11 12:00 a.m. | 5 views

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

CVSS 7.8 | AI score 7.2 | EPSS 0.01369
Exploits: 0 | References: 3
BDU FSTEC
added 2023/12/11 12:00 a.m. | 5 views

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

CVSS 7.8 | AI score 7.2 | EPSS 0.01369
Exploits: 0 | References: 3
BDU FSTEC
added 2023/12/11 12:00 a.m. | 3 views

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

CVSS 7.8 | AI score 7.2 | EPSS 0.01369
Exploits: 0 | References: 3
BDU FSTEC
added 2023/12/11 12:00 a.m. | 5 views

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

CVSS 7.8 | AI score 7.2 | EPSS 0.01355
Exploits: 0 | References: 3
BDU FSTEC
added 2023/12/11 12:00 a.m. | 4 views

Vulnerability of modules for supporting and implementing ICMP, TCP, SNMP, DHCP, NAT, and FTP network stack in Azure RTOS NetX Duo, allowing a hacker to execute arbitrary code or cause service failure.

Vulnerability of modules for supporting and implementing ICMP, TCP, SNMP, DHCP, NAT, and FTP network stack in Azure RTOS NetX Duo arises due to the operation of writing data beyond the buffer limit in memory, as a result of the pointer being set to an expired one. Exploitation of this vulnerabili...

CVSS 9 | AI score 8.3 | EPSS 0.03134
Exploits: 0 | References: 3 | Affected Software: 1
BDU FSTEC
added 2023/12/11 12:00 a.m. | 4 views

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

CVSS 7.8 | AI score 7.2 | EPSS 0.01355
Exploits: 0 | References: 3
BDU FSTEC
added 2023/12/11 12:00 a.m. | 4 views

The vulnerability of 5G MediaTek wireless communication modules, related to improper error handling, allows attackers to trigger service interruptions.

The vulnerability of 5G wireless communication modules from MediaTek is related to improper error handling. Exploiting this vulnerability can allow attackers to cause service failures when receiving improperly formatted RRC messages...

CVSS 7.8 | AI score 7.2 | EPSS 0.01355
Exploits: 0 | References: 3
OSV
added 2023/12/07 4:15 p.m. | 2 views

CVE-2023-49429

Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the 'setDeviceInfo' feature through the 'mac' parameter at /goform/setModules...

CVSS 9.8 | AI score 5.9 | EPSS 0.02411
Exploits: 1 | References: 1
SUSE CVE
added 2023/12/07 2:05 a.m. | 4 views

SUSE CVE-2023-45285

Using go get to fetch a module with the ".git" suffix may unexpectedly fall back to the insecure "git://" protocol if the module is unavailable via the secure "https://" and "git+ssh://" protocols, even if GOINSECURE is not set for said module. This only affects users who are not using the module...

CVSS 6.5 | AI score 7.4 | EPSS 0.01137
Exploits: 0 | References: 10