Lucene search
K

120 matches found

OSV
OSV
added 2024/11/11 7:17 p.m.10 views

CVE-2024-51992 Method Exposure Vulnerability in Modals in orchid/platform

Orchid is a @laravel package that allows for rapid application development of back-office applications, admin/user panels, and dashboards. This vulnerability is a method exposure issue CWE-749: Exposed Dangerous Method or Function in the Orchid Platform’s asynchronous modal functionality, affecti...

4.1CVSS6.4AI score0.00322EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2023/11/04 11:58 a.m.760 views

Exploit for Deserialization of Untrusted Data in Apache Activemq

CVE-2023-46604 This repository contains an exploit script and...

10CVSS9.4AI score0.99654EPSS
Exploits31
Citrix
Citrix
added 2023/08/11 12:0 a.m.9 views

Radius server test connectivity fails : Error: '1812/udp' is not a valid Radius authentication port.

Radius server test connectivity failure. Error: "Either 'ServerIP' is not a valid Radius server, '1812/udp' is not a valid Radius authentication port or Radius client is not configured properly in the Radius server."...

7.3AI score
Exploits0
OSV
OSV
added 2023/08/09 11:15 p.m.4 views

UBUNTU-CVE-2023-36671

An issue was discovered in the Clario VPN client through 5.9.1.1662 for macOS. The VPN client insecurely configures the operating system such that all IP traffic to the VPN server's IP address is sent in plaintext outside the VPN tunnel even if this traffic is not generated by the VPN client. Thi...

6.3CVSS5.8AI score0.00311EPSS
Exploits1References6
CNNVD
CNNVD
added 2023/08/09 12:0 a.m.4 views

Clario VPN client security vulnerability

Clario VPN client is a VPN client for Mac from Clario. A security vulnerability exists in Clario VPN client macOS version 5.9.1.1662, which originates when the VPN client insecurely configures the operating system so that all IP traffic that gets to the VPN server's IP address is sent outside the...

6.3CVSS6.7AI score0.00311EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2023/08/09 12:0 a.m.5 views

PT-2023-4448 · Avira · Avira Phantom Vpn

Name of the Vulnerable Software and Affected Versions: Avira Phantom VPN versions through 2.23.1 Description: An issue was discovered in Avira Phantom VPN where the VPN client insecurely configures the operating system, sending all IP traffic to the VPN server's IP address in plaintext outside th...

7.8CVSS6.9AI score0.00622EPSS
Exploits1References14
ATTACKERKB
ATTACKERKB
added 2023/08/07 7:15 p.m.7 views

CVE-2023-38921

Netgear WG302v2 v5.2.9 and WAG302v2 v5.1.19 were discovered to contain multiple command injection vulnerabilities in the upgradehandler function via the firmwareRestore and firmwareServerip parameters...

8.8CVSS7.4AI score0.01394EPSS
Exploits0References3
CNNVD
CNNVD
added 2023/08/07 12:0 a.m.5 views

NETGEAR WG302 Command Injection Vulnerability

NETGEAR WG302 is a wireless access point from NETGEAR. A security vulnerability exists in the NETGEAR WG302v2 version v5.2.9, WAG302v2 version v5.1.19, which stems from the firmwareRestore and firmwareServerip parameters in the upgradehandler function containing multiple command injection...

8.8CVSS7.7AI score0.01394EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2023/07/20 5:39 a.m.805 views

Exploit for Off-by-one Error in F5 Nginx

CVE-2021-23017...

7.7CVSS7AI score0.52838EPSS
Exploits10
Positive Technologies
Positive Technologies
added 2023/07/15 12:0 a.m.5 views

PT-2023-4237 · NetGear · Netgear Wag302V2

Name of the Vulnerable Software and Affected Versions: Netgear WG302v2 version 5.2.9 Netgear WAG302v2 version 5.1.19 Description: The issue is related to command injection vulnerabilities in the upgrade handler function. These vulnerabilities can be exploited via the firmwareRestore and...

9CVSS9AI score0.01394EPSS
Exploits0References6
CISA KEV Catalog
CISA KEV Catalog
added 2023/06/29 12:0 a.m.20 views

D-Link DWL-2600AP Access Point Command Injection Vulnerability

D-Link DWL-2600AP access point contains an authenticated command injection vulnerability via the Save Configuration functionality in the Web interface, using shell metacharacters in the admin.cgi?action=configsave configBackup or downloadServerip parameter...

7.8CVSS7.6AI score0.97109EPSS
In wildExploits3
F5 Networks
F5 Networks
added 2023/02/21 7:54 p.m.29 views

K31152411: BIG-IP Analytics vulnerability CVE-2019-6655

Security Advisory Description BIG-IP platforms provisioned with AAM, AFM, Application Visibility and Reporting AVR, APM, ASM, and/or PEM may leak sensitive data. CVE-2019-6655 Impact BIG-IP AAM, AFM, AVR, APM, ASM, PEM The vulnerability is only present on BIG-IP systems provisioned with AAM, AFM,...

5.3CVSS5.3AI score0.0106EPSS
Exploits0
CNVD
CNVD
added 2023/02/07 12:0 a.m.3 views

TOTOLINK T8 updateWifiInfo Method Command Injection Vulnerability

TOTOLINK T8 is a wireless dual-band router that is mainly used for internet connection and data transmission. TOTOLINK T8 suffers from a command injection vulnerability that stems from the serverIp parameter of the updateWifiInfo method failing to correctly filter constructed command special...

9.8CVSS7.9AI score0.02109EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2022/12/05 12:0 a.m.8 views

The vulnerability of the embedded software of the NETGEAR R7000P router, related to buffer overflow vulnerabilities, allows a hacker to execute arbitrary code.

The vulnerability of the embedded software of the NETGEAR R7000P router is related to buffer overflow errors. Exploiting this vulnerability could allow a malicious actor to execute arbitrary code through the openvpnserverip parameter...

10CVSS8.5AI score0.01091EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2022/11/23 12:0 a.m.32 views

CVE-2020-23593

A vulnerability in OPTILINK OP-XT71000N Hardware Version: V2.2, Firmware Version: OPV3.3.1-191028 allows an unauthenticated, remote attacker to conduct a cross site request forgery CSRF attack to enable syslog mode through ' /mgmlogcfg.asp.' The system starts to log events, 'Remote' mode or 'Both...

6.6AI score0.00435EPSS
Exploits0References1
OSV
OSV
added 2022/11/22 2:15 p.m.6 views

CVE-2022-44199

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpnserverip...

9.8CVSS5.8AI score0.00967EPSS
Exploits1References2
OSV
OSV
added 2022/11/22 2:15 p.m.3 views

CVE-2022-44197

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnserverip...

9.8CVSS5.8AI score0.01091EPSS
Exploits1References2
CNNVD
CNNVD
added 2022/11/22 12:0 a.m.3 views

NETGEAR R7000P 缓冲区错误漏洞

NETGEAR R7000P is a wireless router from NETGEAR, Inc. NETGEAR R7000P firmware version V1.3.1.64 is vulnerable to a buffer overflow vulnerability caused by a lack of length validation of the data entered in the openvpnserverip parameter, which could be exploited by an attacker to cause a denial o...

9.8CVSS8.2AI score0.00967EPSS
Exploits1References3
Cvelist
Cvelist
added 2022/11/22 12:0 a.m.28 views

CVE-2022-44197

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpnserverip...

9.7AI score0.01091EPSS
Exploits1References2
Prion
Prion
added 2022/11/17 11:15 p.m.18 views

Path traversal

Webvendome - webvendome Internal Server IP Disclosure. Send GET Request to the request which is shown in the picture. Internal Server IP and Full path disclosure...

5CVSS5.3AI score0.00583EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder