Lucene search
+L

63 matches found

ptsecurity
ptsecurity
added 2025/09/23 12:0 a.m.7 views

PT-2025-40810

Name of the Vulnerable Software and Affected Versions Belkin F9K1015 version 1.00.10 Description A buffer overflow issue exists in Belkin F9K1015 version 1.00.10. The issue is related to the manipulation of the L2TPUserName argument within the file /goform/formL2TPSetup. This allows for remote co...

9CVSS9.2AI score0.01204EPSS
Exploits1References14
nessus
nessus
added 2025/09/04 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2023-37117

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A heap-use-after-free vulnerability was found in live555 version 2023.05.10 while handling the SETUP. CVE-2023-37117 Note that Nessus relies on the presence of...

9.8CVSS7AI score0.0087EPSS
Exploits1References2
cnnvd
cnnvd
added 2025/08/28 12:0 a.m.4 views

Lychee 代码注入漏洞

Lychee is a beautiful and easy-to-use photo management system open-sourced by The Lychee Organisation. It is used to manage and share photos. A code injection vulnerability exists in Lychee versions prior to 2.0.2, which stems from a possible arbitrary code injection in lychee-setup...

9.1CVSS7.4AI score0.00359EPSS
Exploits0References3
ptsecurity
ptsecurity
added 2025/08/28 12:0 a.m.8 views

PT-2025-35094

Name of the Vulnerable Software and Affected Versions: lychee link checking action versions prior to 2.0.2 Description: The GitHub Action variable inputs.lycheeVersion can be used to execute arbitrary code in the context of the action. This can potentially compromise the security of the target...

9.1CVSS7.1AI score0.00359EPSS
Exploits0References7
cvelist
cvelist
added 2025/08/15 4:32 a.m.15 views

CVE-2025-9009 itsourcecode Online Tour and Travel Management System email_setup.php sql injection

A vulnerability has been found in itsourcecode Online Tour and Travel Management System 1.0. Affected is an unknown function of the file /admin/emailsetup.php. The manipulation of the argument Name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclose...

7.5CVSS0.00387EPSS
Exploits1References5
ptsecurity
ptsecurity
added 2025/08/15 12:0 a.m.9 views

PT-2025-33441 · Itsourcecode · Itsourcecode Online Tour/Travel Management System

Name of the Vulnerable Software and Affected Versions: itsourcecode Online Tour and Travel Management System version 1.0 Description: A SQL injection vulnerability exists in itsourcecode Online Tour and Travel Management System 1.0. The vulnerability is located in an unknown function within the...

9.8CVSS7.3AI score0.00387EPSS
Exploits1References11
cvelist
cvelist
added 2025/08/14 9:6 a.m.12 views

CVE-2025-48860

A vulnerability in the web application of the ctrlX OS setup mechanism facilitated an authenticated low privileged attacker to gain remote access to backup archives created by a user with elevated permissions. Depending on the content of the backup archive, the attacker may have been able to acce...

8CVSS0.00327EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2025/08/12 10:52 p.m.4 views

CVE-2025-49456 Zoom Clients for Windows- Race Condition

Race condition in the installer for certain Zoom Clients for Windows may allow an unauthenticated user to impact application integrity via local access...

6.2CVSS7.1AI score0.00112EPSS
Exploits0References1
osv
osv
added 2025/07/06 6:15 p.m.5 views

CVE-2025-7088

A vulnerability, which was classified as critical, was found in Belkin F9K1122 1.00.33. This affects the function formPPPoESetup of the file /goform/formPPPoESetup of the component webs. The manipulation of the argument pppUserName leads to stack-based buffer overflow. It is possible to initiate...

8.7CVSS6.3AI score
Exploits0References5
redhatcve
redhatcve
added 2025/05/23 7:47 a.m.8 views

CVE-2024-46921

An issue was discovered in Samsung Mobile Processor and Modem Exynos 9820, 9825, 980, 990, 1080, 2100, 1280, 2200, 1330, 1380, 1480, 2400, 9110, W1000, Modem 5123, Modem 5300, Modem 5400. UE does not limit the number of attempts for the RRC Setup procedure in the 5G SA, leading to a denial of...

6.5CVSS6.9AI score0.00292EPSS
Exploits0
redhatcve
redhatcve
added 2025/05/23 2:32 a.m.6 views

CVE-2023-1121

The Simple Giveaways WordPress plugin before 2.45.1 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

4.8CVSS6.4AI score0.00442EPSS
Exploits2References1
redhatcve
redhatcve
added 2025/05/22 8:55 a.m.10 views

CVE-2019-8804

An inconsistency in Wi-Fi network configuration settings was addressed. This issue is fixed in iOS 13.2 and iPadOS 13.2. An attacker in physical proximity may be able to force a user onto a malicious Wi-Fi network during device setup...

5.7CVSS5.8AI score0.0042EPSS
Exploits0References1
debiancve
debiancve
added 2025/05/01 2:10 p.m.10 views

CVE-2022-49851

In the Linux kernel, the following vulnerability has been resolved: riscv: fix reserved memory setup Currently, RISC-V sets up reserved memory using the "early" copy of the device tree. As a result, when trying to get a reserved memory region using ofreservedmemlookup, the pointer to reserved...

7.1CVSS5.5AI score0.00171EPSS
Exploits0
osv
osv
added 2025/02/26 2:11 a.m.11 views

CVE-2022-49395 um: Fix out-of-bounds read in LDT setup

In the Linux kernel, the following vulnerability has been resolved: um: Fix out-of-bounds read in LDT setup syscallstubdata expects the datacount parameter to be the number of longs, not bytes. ================================================================== BUG: KASAN: stack-out-of-bounds in...

7.1CVSS6AI score0.00267EPSS
Exploits0References12
bdu_fstec
bdu_fstec
added 2025/02/10 12:0 a.m.8 views

The vulnerability of the i40e_xdp_setup() function (drivers/net/ethernet/intel/i40e/i40e_main.c) in the Linux kernel driver for the i40e driver allows a hacker to cause a service failure.

The vulnerability of the i40exdpsetup function drivers/net/ethernet/intel/i40e/i40emain.c in the Linux kernel driver for the i40e chip is related to improper resource locking. Exploiting this vulnerability could allow an attacker to cause a service failure...

1.9CVSS6.5AI score0.00273EPSS
Exploits0References39Affected Software6
ptsecurity
ptsecurity
added 2024/08/01 12:0 a.m.27 views

PT-2024-38319 · Chargepoint · Chargepoint Home Flex

Name of the Vulnerable Software and Affected Versions: ChargePoint Home Flex affected versions not specified Description: This issue allows network-adjacent attackers to disclose sensitive information on affected installations of ChargePoint Home Flex charging devices. The specific flaw exists...

5.7CVSS6.6AI score0.00454EPSS
Exploits0References3
cnnvd
cnnvd
added 2024/07/29 12:0 a.m.8 views

Apple macOS 安全漏洞

Apple macOS is a proprietary operating system developed by Apple Inc. for Mac computers. A security vulnerability exists in Apple macOS Sonoma prior to version 14.6, which stems from the fact that enabling Locked Mode when setting up a Mac may cause FileVault to be accidentally disabled...

5.3CVSS6.2AI score0.00556EPSS
Exploits0References2
vulnrichment
vulnrichment
added 2024/05/17 2:47 p.m.19 views

CVE-2024-35850 Bluetooth: qca: fix NULL-deref on non-serdev setup

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev setup Qualcomm ROME controllers can be registered from the Bluetooth line discipline and in this case the HCI UART serdev pointer is NULL. Add the missing sanity check to prevent a...

6.7AI score0.00234EPSS
Exploits0References3
osv
osv
added 2024/02/02 4:15 p.m.5 views

DEBIAN-CVE-2024-23831

LedgerSMB is a free web-based double-entry accounting system. When a LedgerSMB database administrator has an active session in /setup.pl, an attacker can trick the admin into clicking on a link which automatically submits a request to setup.pl without the admin's consent. This request can be used...

7.5CVSS6.3AI score0.00274EPSS
Exploits0References1
githubexploit
githubexploit
added 2023/11/08 5:18 a.m.65 views

Exploit for Improper Input Validation in Atlassian Confluence_Data_Center

Confluence Vulnerability - CVE-2023-22515 :notebook: Int...

10CVSS9.8AI score0.99156EPSS
Exploits39
Rows per page
Query Builder