Lucene search
+L

537 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:42 p.m.15 views

CVE-2020-13556

An out-of-bounds write vulnerability exists in the Ethernet/IP server functionality of EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this...

9.8CVSS7.6AI score0.04519EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 1:41 p.m.13 views

CVE-2020-13530

A denial-of-service vulnerability exists in the Ethernet/IP server functionality of the EIP Stack Group OpENer 2.3 and development commit 8c73bf3. A large number of network requests in a small span of time can cause the running program to stop. An attacker can send a sequence of requests to trigg...

7.5CVSS6.6AI score0.02063EPSS
Exploits1
RedhatCVE
RedhatCVE
added 2025/02/05 11:16 a.m.15 views

CVE-2024-21785

A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E 1.2.10.9. A specially crafted series of network requests can lead to unauthorized access. An attacker can send a sequence of requests to trigger this vulnerability...

9.8CVSS6.7AI score0.01512EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 10:48 a.m.11 views

CVE-2024-21827

A leftover debug code vulnerability exists in the cliserver debug functionality of Tp-Link ER7206 Omada Gigabit VPN Router 1.4.1 Build 20240117 Rel.57421. A specially crafted series of network requests can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger...

7.2CVSS7.2AI score0.00871EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 4:47 a.m.9 views

CVE-2024-36980

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...

7.5CVSS7.3AI score0.01099EPSS
Exploits1
CNNVD
CNNVD
added 2025/01/30 12:0 a.m.5 views

Zoom Workplace 安全漏洞

Zoom Workplace App for Linux is a Linux application for enterprise communication and collaboration. A denial of service vulnerability exists in Zoom Workplace App for Linux, which stems from the application failing to properly handle specific network requests. An attacker could exploit the...

6.5CVSS6.6AI score0.00456EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.3 views

IBM Storage Defender 安全漏洞

IBM Storage Defender is a solution from International Business Machines IBM that provides end-to-end data resiliency. A security vulnerability exists in IBM Storage Defender that originates from sending network requests over an insecure channel...

7.5CVSS6.5AI score0.00247EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/01/14 12:0 a.m.5 views

PT-2025-3907 · Unknown · Invoice Ninja

Name of the Vulnerable Software and Affected Versions: Invoice Ninja versions 5.8.56 through 5.11.23 Description: Invoice Ninja is vulnerable to authenticated Server-Side Request Forgery SSRF, allowing for arbitrary file read and network resource requests as the application user. This issue enabl...

7.7CVSS6.8AI score0.00391EPSS
Exploits0References11
OSV
OSV
added 2024/12/18 7:22 p.m.6 views

CVE-2024-52579 Server-Side Request Forgery vulnerability in various APIs in Misskey

Misskey is an open source, federated social media platform. Some APIs using HttpRequestService do not properly check the target host. This vulnerability allows an attacker to send POST or GET requests to the internal server, which may result in a SSRF attack.It allows an attacker to send POST or...

6.4CVSS6.9AI score0.00215EPSS
Exploits0References3
Redos
Redos
added 2024/11/08 12:0 a.m.16 views

ROS-20241108-03

Vulnerability of multiqtune function of schmultiq component of Linux kernel is related to writing outside of dynamic memory buffer boundaries. Exploitation of the vulnerability could allow an attacker, acting remotely, to execute arbitrary code in kernel mode by executing specially specially...

7.8CVSS7.8AI score0.00284EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2024/10/30 12:0 a.m.21 views

Debian dla-3941 : libkpathsea-dev - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3941 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3941-1 [email protected]...

8.1CVSS7.1AI score0.00902EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2024/10/24 12:0 a.m.6 views

The vulnerability of the PFE (evo-pfemand) control demon in JunOS Evolved operating systems allows a intruder to trigger a service failure.

The vulnerability of the PFE evo-pfemand control demon for JunOS Evolved is related to the unlimited distribution of resources. Exploiting this vulnerability allows a malicious actor to cause service failures by executing arbitrary commands through the command line interface, or by sending...

6.8CVSS5.7AI score0.00375EPSS
Exploits0References3Affected Software1
Veracode
Veracode
added 2024/09/23 4:56 p.m.7 views

XML External Entity (XXE) Injection

de.gematik.refv.commons:commons is vulnerable to XML External Entity XXE Injection. The vulnerability is due to the insecure default configuration of the WstxInputFactory. An attacker can issue unauthorized network requests or access internal systems by supplying malicious XML content...

9.8CVSS6.7AI score0.00637EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2024/09/19 10:38 p.m.45 views

CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

8.6CVSS0.00637EPSS
Exploits0References6
Vulnrichment
Vulnrichment
added 2024/09/19 10:38 p.m.14 views

CVE-2024-46984 XML External Entity Reference (XXE) vulnerability can lead to a Server Side Request Forgery attack in gematik app-referencevalidator

The reference validator is a tool to perform advanced validation of FHIR resources for TI applications and interoperability standards. The profile location routine in the referencevalidator commons package is vulnerable to XML External Entities attack due to insecure defaults of the used Woodstox...

8.6CVSS6.8AI score0.00637EPSS
Exploits0References6
OSV
OSV
added 2024/09/18 3:15 p.m.4 views

CVE-2024-36980

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...

7.5CVSS5.8AI score0.01099EPSS
Exploits1References2
NVD
NVD
added 2024/09/18 3:15 p.m.32 views

CVE-2024-36980

An out-of-bounds read vulnerability exists in the OpenPLC Runtime EtherNet/IP PCCC parser functionality of OpenPLCv3 b4702061dc14d1024856f71b4543298d77007b88. A specially crafted network request can lead to denial of service. An attacker can send a series of EtherNet/IP requests to trigger this...

7.5CVSS0.01099EPSS
Exploits1References2
NVD
NVD
added 2024/07/08 4:15 p.m.27 views

CVE-2023-49595

A stack-based buffer overflow vulnerability exists in the boa rollbackcontrolcode functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to arbitrary code execution. An attacker can send a sequence of requests to trigger this vulnerability...

7.2CVSS0.00893EPSS
Exploits0References2
OSV
OSV
added 2024/07/08 4:15 p.m.3 views

CVE-2023-50239

Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...

7.2CVSS6.4AI score0.01413EPSS
Exploits1References2
NVD
NVD
added 2024/07/08 4:15 p.m.33 views

CVE-2023-50240

Two stack-based buffer overflow vulnerabilities exist in the boa setRadvdInterfaceParam functionality of Realtek rtl819x Jungle SDK v3.4.11. A specially crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger these...

7.2CVSS0.01413EPSS
Exploits1References2
Rows per page
Query Builder