
110 matches found

RedhatCVE
added 2025/02/05 2:11 a.m., 6 views

CVE-2024-2485

A vulnerability was found in Tenda AC18 15.03.05.05 and classified as critical. Affected by this issue is the function formSetSpeedWan of the file /goform/SetSpeedWan. The manipulation of the argument speeddir leads to stack-based buffer overflow. The attack may be launched remotely. The exploit...

9 CVSS, 7 AI score, 0.01684 EPSS
Exploits: 1, References: 1
Vulnrichment
added 2025/02/01 3:56 a.m., 7 views

CVE-2024-53296

Dell PowerProtect DD versions prior to 7.10.1.50 and 7.13.1.20 contain a Stack-based Buffer Overflow vulnerability in the RestAPI. A high privileged attacker with remote access could potentially exploit this vulnerability, leading to Denial of service...

2.7 CVSS, 4.9 AI score, 0.00375 EPSS
Exploits: 0, References: 1
Vulnrichment
added 2025/01/30 6:50 p.m., 6 views

CVE-2025-0680 New Rock Technologies Cloud Connected Devices has an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability.

Affected products contain a vulnerability in the device cloud rpc command handling process that could allow remote attackers to take control over arbitrary devices connected to the cloud...

9.8 CVSS, 9.6 AI score, 0.00598 EPSS
Exploits: 1, References: 2
Rosalinux
added 2025/01/13 9:39 a.m., 23 views

Advisory ROSA-SA-2025-2551

Software: openssh 7.4p1 OS: rosa-server79 packageevrstring: openssh-7.4p1-23.0.6.res7 CVE-ID: CVE-2018-20685 BDU-ID: 2019-00773 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the OpenSSH cryptographic security tool is caused by errors in the validation of the scp.c directory name in the scp clien...

6.8 CVSS, 7.2 AI score, 0.58204 EPSS
Exploits: 9
CVE
added 2025/01/05 6:0 p.m., 51 views

CVE-2025-0227

CVE-2025-0227 affects Tsinghua Unigroup Electronic Archives System 3.2.210802(62532). A vulnerability in the file /Logs/Annals/downLoad.html stems from manipulation of the path argument, resulting in information disclosure. The issue can be triggered remotely, and public exploit information exist...

5.3 CVSS, 4.5 AI score, 0.00309 EPSS
Exploits: 0, References: 5
Cvelist
added 2024/12/25 8:0 p.m., 34 views

CVE-2024-12926 Codezips Project Management System advanced.php sql injection

A vulnerability classified as critical was found in Codezips Project Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /pages/forms/advanced.php. The manipulation of the argument name leads to sql injection. The attack can be launched remotely. The...

6.5 CVSS, 0.00508 EPSS
Exploits: 1, References: 4
BDU FSTEC
added 2023/12/25 12:0 a.m., 7 views

The vulnerability of the dropbearpwd component in the TP-Link TL-WR841N router’s microprogramming software allows an intruder to gain unauthorized access to protected information.

The vulnerability of the dropbearpwd component in the TP-Link TL-WR841N router’s microprogramming software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

6.5 CVSS, 6.9 AI score, 0.1745 EPSS
Exploits: 0, References: 4, Affected Software: 1
BDU FSTEC
added 2023/06/02 12:0 a.m., 4 views

The vulnerability of the bs_SetLimitCli_info function in the /lib/libshare-0.0.26.so library of the LB-LINK router software allows an attacker to gain full access to the device.

The vulnerability of the bs_SetLimitCli_info function in the /lib/libshare-0.0.26.so file of the LB-LINK router software is related to the lack of measures taken at the management level to clean up data. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain full...

10 CVSS, 8.1 AI score, 0.69663 EPSS
Exploits: 1, References: 3, Affected Software: 4
Vulnrichment
added 2023/03/01 2:26 p.m., 17 views

CVE-2023-25544

Dell NetWorker versions 19.5 and earlier contain 'Apache Tomcat' version disclosure vulnerability. A NetWorker server user with remote access to NetWorker clients may potentially exploit this vulnerability and may launch target-specific attacks...

7.5 CVSS, 7.1 AI score, 0.0055 EPSS
Exploits: 0, References: 1
SUSE CVE
added 2023/02/15 4:43 a.m., 2 views

SUSE CVE-2017-10311

Vulnerability in the MySQL Server component of Oracle MySQL subcomponent: Server: FTS. Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful...

4.9 CVSS, 7 AI score, 0.0245 EPSS
Exploits: 0, References: 4
BDU FSTEC
added 2022/07/06 12:0 a.m., 8 views

The vulnerability of the Slurm resource manager management module, related to deficiencies in authentication procedures, allows attackers to circumvent existing security restrictions.

The vulnerability of the Slurm resource manager is related to deficiencies in the authentication process. Exploiting this vulnerability allows a malicious actor to circumvent existing security restrictions from a remote location...

9 CVSS, 7.8 AI score, 0.02639 EPSS
Exploits: 0, References: 10, Affected Software: 4
CNNVD
added 2021/07/07 12:0 a.m., 4 views

QSAN Storage Manager Link Following Vulnerability

QSAN Storage Manager is a NAS operating system from Quantium Technologies Incorporated QSAN. A security vulnerability exists in QSAN Storage Manager, which can be exploited by remote attackers to create symbolic links and then access arbitrary files...

7.5 CVSS, 5.9 AI score, 0.01669 EPSS
Exploits: 0, References: 2
CNVD
added 2021/01/07 12:0 a.m., 10 views

Orangehrm SQL Injection Vulnerability (CNVD-2021-01999)

Orangehrm is a human resource management system HRM from Orangehrm, USA. The system supports personnel information management, leave management, attendance management and recruitment management. OrangeHRM versions prior to 4.6.0.1 suffer from a SQL injection vulnerability that stems from the...

8.1 CVSS, 7.7 AI score, 0.02325 EPSS
Exploits: 1, References: 1
EUVD
added 2016/08/31 3:0 p.m., 6 views

EUVD-2016-6623

cgi-bin/cgimain in NUUO NVRmini 2 1.7.6 through 3.0.0 and NETGEAR ReadyNAS Surveillance 1.1.2 allows remote authenticated users to execute arbitrary commands via shell metacharacters in the sn parameter to the transferlicense command...

9 CVSS, 9.1 AI score, 0.14119 EPSS
Exploits: 4, References: 4
seebug.org
added 2014/07/01 12:0 a.m., 16 views

DansGuardian Webmin Module 0.x Edit.CGI Remote Directory Traversal Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/9394/info A problem has been identified in the handling of input by scripts packaged with the DansGuardian Webmin Module. Because of this, it is possible for a remote to gain access to potentially sensitive information...

7.1 AI score
Exploits: 0
OpenVAS
added 2012/07/02 12:0 a.m., 19 views

SpecView Web Server Directory Traversal Vulnerability (Jul 2012) - Active Check

SpecView is prone to a directory traversal vulnerability because it fails to properly sanitize user-supplied input.

5 CVSS, 6.5 AI score, 0.04813 EPSS
Exploits: 1, References: 1
CVE
added 2012/01/02 7:0 p.m., 55 views

CVE-2011-3667

CVE-2011-3667 affects Bugzilla 2.x and 3.x before 3.4.13, 3.5.x and 3.6.x before 3.6.7, 3.7.x and 4.0.x before 4.0.3, and 4.1.x through 4.1.3. The root cause is that when createemailregexp is not empty, Bugzilla does not properly apply the user_can_create_account setting, allowing remote attacker...

6.8 CVSS, 6.4 AI score, 0.01067 EPSS
Exploits: 1, References: 4, Affected Software: 1
Packet Storm
added 2009/12/30 12:0 a.m., 53 views

Simple PHP Guestbook 1.0 Administrative Access

Vendor: http://www.simplephpguestbook.com/ Version: 1.0 Tested on: Windows and Linux. Simple PHP Guestbook Remote Admin Access Exploit Created by Sora + contact: vhr95zw at hotmail.com Description: Simple PHP Guestbook suffers an remote access in the guestboo...

1 AI score
Exploits: 0
OSV
added 2009/04/28 4:30 p.m., 10 views

CVE-2008-6767

wp-admin/upgrade.php in WordPress, probably 2.6.x, allows remote attackers to upgrade the application, and possibly cause a denial of service application outage, via a direct request...

6.4 AI score
Exploits: 0, References: 3
Exploit DB
added 2008/12/05 12:0 a.m., 30 views

ASPTicker 1.0 - Remote Database Disclosure

ASPTicker 1.0 DD Remote Vuln. Discovered By: ZoRLu msn: [email protected] Home: www.z0rlu.blogspot.com Note: loneliness lost its meaning in my loneliness. exp for demo: DD...

7.4 AI score
Exploits: 0