537 matches found
CVE-2024-24976
A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigge...
CVE-2023-26925
An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information...
CVE-2023-49595
A stack-based buffer overflow vulnerability exists in the boa rollbackcontrolcode functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-34994
An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of...
CVE-2023-32615
A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this...
CVE-2023-24595
An OS command injection vulnerability exists in the ysthirdparty systemuserscript functionality of Milesight UR32L v32.3.0.5. A specially crafted series of network requests can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2023-24520
Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...
CVE-2021-21817
An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2019-15388
The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service name...
CVE-2019-15389
The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service named...
CVE-2025-20140
A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...
CVE-2025-20140
A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...
PT-2025-20248 · Cisco · Cisco Ios Xe
Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Wireless LAN Controllers WLCs affected versions not specified Description: A vulnerability in the Wireless Network Control daemon wncd could allow an unauthenticated, adjacent wireless attacker to cause a denial of...
XML External Entity (XXE) Injection
Overview rtc-tools is a Toolbox for control and optimization of water systems. Affected versions of this package are vulnerable to XML External Entity XXE Injection due to unsafe parsing of pathxml. An attacker could potentially exploit this by providing malicious XML input, leading to unauthoris...
CVE-2024-50595
An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.Thi...
WordPress plugin WP Compress 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...
CVE-2025-27430
SAP CRM and SAP S/4HANA (Interaction Center) are affected by a server-side request forgery (SSRF) vulnerability. The vulnerability allows an attacker with low privileges to access internal network resources, compromising confidentiality with no impact on integrity or availability. The CVSS 3.1 ve...
Zoom Workplace App for Linux Denial of Service Vulnerability
Zoom Workplace App for Linux is a Linux application for enterprise communication and collaboration. A denial of service vulnerability exists in Zoom Workplace App for Linux, which stems from the application failing to properly handle specific network requests. An attacker could exploit the...
CVE-2021-40419
A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.13620121102. A specially-crafted series of network requests can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...
CVE-2022-26303
An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigge...