Lucene search
+L

151 matches found

Cvelist
Cvelist
added 2024/08/16 12:0 a.m.37 views

CVE-2024-43011

An arbitrary file deletion vulnerability exists in the admin/del.php file at line 62 in ZZCMS 2023 and earlier. Due to insufficient validation and sanitization of user input for file paths, an attacker can exploit this vulnerability by using directory traversal techniques to delete arbitrary file...

0.00672EPSS
Exploits0References2
OSV
OSV
added 2024/07/10 7:15 p.m.5 views

CVE-2024-5911

An arbitrary file upload vulnerability in Palo Alto Networks Panorama software enables an authenticated read-write administrator with access to the web interface to disrupt system processes and crash the Panorama. Repeated attacks eventually cause the Panorama to enter maintenance mode, which...

4.9CVSS5.9AI score0.00576EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/06/12 12:0 a.m.5 views

PT-2024-5657

Name of the Vulnerable Software and Affected Versions Palo Alto Networks Panorama affected versions not specified Description The issue is related to an arbitrary file upload vulnerability, allowing an authenticated read-write administrator with access to the web interface to disrupt system...

7CVSS5.5AI score0.00576EPSS
Exploits0References10
ICS
ICS
added 2024/03/14 6:0 a.m.90 views

Delta Electronics DIAEnergie

View CSAF 1. EXECUTIVE SUMMARY CVSS v3 8.8 ATTENTION : Exploitable remotely Vendor : Delta Electronics Equipment : DIAEnergie Vulnerabilities : Improper Authorization, SQL Injection, Path Traversal, Cross-site Scripting 2. RISK EVALUATION Successful exploitation of these vulnerabilities could...

9.8CVSS7.9AI score0.0879EPSS
Exploits0References10
CNNVD
CNNVD
added 2024/01/10 12:0 a.m.5 views

Zentao Security Breach

Nature Easy Soft Network Technology ZenTao is China's easy soft Tianchuang network technology Nature Easy Soft Network Technology company's open source project management software. The software includes product management, project management, quality management and document management functions. ...

6.1CVSS6.7AI score0.00374EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2023/12/28 7:30 a.m.25 views

CVE-2023-51079

DISPUTED A vulnerability was found in the ParseTools.subCompileExpression method in the Mvel package. This vulnerability manifests as a TimeOut error, and may allow an attacker to leverage the TimeOut error to disrupt the normal functioning of the system or application, potentially leading to...

5.3CVSS5.2AI score0.00737EPSS
Exploits1References4
OSV
OSV
added 2023/12/15 8:15 a.m.5 views

CVE-2023-48375

SmartStar Software CWS is a web-based integration platform, it has a vulnerability of missing authorization and users are able to access data or perform actions that they should not be allowed to perform via commands. An authenticated with normal user privilege can execute administrator privilege...

8.8CVSS5.9AI score0.00687EPSS
Exploits0References1
Veracode
Veracode
added 2023/11/17 8:12 a.m.40 views

Denial Of Service (DoS)

libde265.so is vulnerable to Denial of Service DoS. The vulnerability is due to the slicesegmentheader function in the slice.cc component. An attacker is able to cause a DoS condition by crafting a specially crafted file and tricking the system into processing it. This could disrupt service on th...

6.5CVSS6.9AI score0.00766EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2023/11/03 5:48 a.m.87 views

CVE-2023-41353

CVE-2023-41353 affects Chunghwa Telecom Nokia G-040W-Q. The vulnerability is due to weak password requirements in the device, enabling a remote attacker with regular user privileges to infer the administrator password from system information after logging in, leading to admin access and arbitrary...

8.8CVSS8.8AI score0.00548EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/03 5:44 a.m.20 views

CVE-2023-41352 Chunghwa Telecom NOKIA G-040W-Q - Command Injection

Chunghwa Telecom NOKIA G-040W-Q has a vulnerability of insufficient filtering for user input. A remote attacker with administrator privilege can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system or terminate services...

7.2CVSS7.7AI score0.01175EPSS
Exploits0References1
NVD
NVD
added 2023/11/03 5:15 a.m.22 views

CVE-2023-41346

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...

8.8CVSS9.1AI score0.01202EPSS
Exploits0References1
NVD
NVD
added 2023/11/03 5:15 a.m.29 views

CVE-2023-41345

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...

8.8CVSS9.1AI score0.01288EPSS
Exploits0References1
Prion
Prion
added 2023/11/03 5:15 a.m.20 views

Command injection

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...

6.5CVSS9AI score0.01288EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/03 5:15 a.m.31 views

Command injection

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...

6.5CVSS9AI score0.01288EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/11/03 5:15 a.m.22 views

Command injection

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-generated module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the...

6.5CVSS9AI score0.01288EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/11/03 4:32 a.m.34 views

CVE-2023-41348 ASUS RT-AX55 - command injection - 4

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its code-authentication module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt th...

8.8CVSS9.2AI score0.01288EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/11/03 4:29 a.m.27 views

CVE-2023-41347 ASUS RT-AX55 - command injection - 3

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...

8.8CVSS9.2AI score0.01288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/03 4:29 a.m.16 views

CVE-2023-41347 ASUS RT-AX55 - command injection - 3

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its check token module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the system...

8.8CVSS7.8AI score0.01288EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/11/03 4:21 a.m.16 views

CVE-2023-41346 ASUS RT-AX55 - command injection - 2

ASUS RT-AX55’s authentication-related function has a vulnerability of insufficient filtering of special characters within its token-refresh module. An authenticated remote attacker can exploit this vulnerability to perform a Command Injection attack to execute arbitrary commands, disrupt the syst...

8.8CVSS8.1AI score0.01202EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/11/03 12:0 a.m.5 views

ASUS RT-AX55 Security Breach

The ASUS RT-AX55 is a dual-band Wi-Fi router from Asus China. A security vulnerability exists in the ASUS RT-AX55, which originates from an insufficient special character filtering issue in the code-authentication module of the authentication-related functions. The vulnerability can be exploited ...

8.8CVSS7AI score0.01288EPSS
Exploits0References2
Rows per page
Query Builder