Lucene search
+L

537 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 10:7 a.m.9 views

CVE-2024-24976

A denial of service vulnerability exists in the OAS Engine File Data Source Configuration functionality of Open Automation Software OAS Platform V19.00.0057. A specially crafted series of network requests can cause the running program to stop. An attacker can send a sequence of requests to trigge...

4.9CVSS6.7AI score0.00901EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 5:39 a.m.6 views

CVE-2023-26925

An information disclosure vulnerability exists in the Syslog functionality of D-LINK DIR-882 1.30. A specially crafted network request can lead to the disclosure of sensitive information...

7.5CVSS6.3AI score0.00913EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:27 a.m.6 views

CVE-2023-49595

A stack-based buffer overflow vulnerability exists in the boa rollbackcontrolcode functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.9AI score0.00893EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 3:57 a.m.21 views

CVE-2023-34994

An improper resource allocation vulnerability exists in the OAS Engine configuration management functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to creation of an arbitrary directory. An attacker can send a sequence of...

4.3CVSS6.8AI score0.00652EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:49 a.m.8 views

CVE-2023-32615

A file write vulnerability exists in the OAS Engine configuration functionality of Open Automation Software OAS Platform v18.00.0072. A specially crafted series of network requests can lead to arbitrary file creation or overwrite. An attacker can send a sequence of requests to trigger this...

8.1CVSS6.9AI score0.00727EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:22 a.m.8 views

CVE-2023-24595

An OS command injection vulnerability exists in the ysthirdparty systemuserscript functionality of Milesight UR32L v32.3.0.5. A specially crafted series of network requests can lead to command execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS7.3AI score0.0371EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:12 a.m.6 views

CVE-2023-24520

Two OS command injection vulnerability exist in the vtyshubus toolshexcute.constprop.1 functionality of Milesight UR32L v32.3.0.5. A specially-crafted network request can lead to command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is i...

8.8CVSS7.8AI score0.036EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:30 p.m.8 views

CVE-2021-21817

An information disclosure vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to the disclosure of sensitive information. An attacker can send a sequence of requests to trigger this vulnerability...

7.5CVSS6.2AI score0.02013EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.10 views

CVE-2019-15388

The Coolpad 1851 Android device with a build fingerprint of Coolpad/android/android:8.1.0/O11019/1534834761:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service name...

9.3CVSS7AI score0.01066EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:20 a.m.13 views

CVE-2019-15389

The Haier A6 Android device with a build fingerprint of Haier/A6/A6:8.1.0/O11019/1534219877:userdebug/release-keys contains a pre-installed platform app with a package name of com.lovelyfont.defcontainer versionCode=7, versionName=7.1.13. This app contains an exported service named...

9.3CVSS7AI score0.01066EPSS
Exploits0References1
OSV
OSV
added 2025/05/07 6:15 p.m.6 views

CVE-2025-20140

A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...

7.4CVSS6.6AI score0.00204EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/05/07 5:36 p.m.4 views

CVE-2025-20140

A vulnerability in the Wireless Network Control daemon wncd of Cisco IOS XE Software for Wireless LAN Controllers WLCs could allow an unauthenticated, adjacent wireless attacker to cause a denial of service DoS condition. This vulnerability is due to improper memory management. An attacker could...

7.4CVSS7.5AI score0.00204EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/05/07 12:0 a.m.10 views

PT-2025-20248 · Cisco · Cisco Ios Xe

Name of the Vulnerable Software and Affected Versions: Cisco IOS XE Software for Wireless LAN Controllers WLCs affected versions not specified Description: A vulnerability in the Wireless Network Control daemon wncd could allow an unauthenticated, adjacent wireless attacker to cause a denial of...

7.4CVSS6.4AI score0.00204EPSS
Exploits0References4
Snyk
Snyk
added 2025/05/01 6:33 a.m.3 views

XML External Entity (XXE) Injection

Overview rtc-tools is a Toolbox for control and optimization of water systems. Affected versions of this package are vulnerable to XML External Entity XXE Injection due to unsafe parsing of pathxml. An attacker could potentially exploit this by providing malicious XML input, leading to unauthoris...

8.8CVSS7.5AI score
Exploits0References3
Cvelist
Cvelist
added 2025/04/02 1:41 p.m.16 views

CVE-2024-50595

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial of service. An attacker can send a sequence of malicious packets to trigger this vulnerability.Thi...

4.3CVSS0.00707EPSS
Exploits1References1
CNNVD
CNNVD
added 2025/03/25 12:0 a.m.6 views

WordPress plugin WP Compress 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue...

5.8CVSS8.7AI score0.0037EPSS
Exploits0References6
CVE
CVE
added 2025/03/11 12:37 a.m.63 views

CVE-2025-27430

SAP CRM and SAP S/4HANA (Interaction Center) are affected by a server-side request forgery (SSRF) vulnerability. The vulnerability allows an attacker with low privileges to access internal network resources, compromising confidentiality with no impact on integrity or availability. The CVSS 3.1 ve...

3.5CVSS7AI score0.00231EPSS
Exploits0References2
CNVD
CNVD
added 2025/02/13 12:0 a.m.4 views

Zoom Workplace App for Linux Denial of Service Vulnerability

Zoom Workplace App for Linux is a Linux application for enterprise communication and collaboration. A denial of service vulnerability exists in Zoom Workplace App for Linux, which stems from the application failing to properly handle specific network requests. An attacker could exploit the...

6.5CVSS6.7AI score0.00456EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/06 4:11 a.m.10 views

CVE-2021-40419

A firmware update vulnerability exists in the 'factory' binary of reolink RLC-410W v3.0.0.13620121102. A specially-crafted series of network requests can lead to arbitrary firmware update. An attacker can send a sequence of requests to trigger this vulnerability...

10CVSS6.8AI score0.01232EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 7:6 p.m.9 views

CVE-2022-26303

An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigge...

7.5CVSS6.6AI score0.01208EPSS
Exploits1References1
Rows per page
Query Builder