868 matches found
Recommended update for Maven
This update for Maven fixes the following issues: maven-dependency-analyzer was updated from version 1.13.2 to 1.15.1: Key changes across versions: Bug fixes and improved support of dynamic types Dependency upgrades ASM, Maven core, and notably the removal of commons-io Improved error handling by...
CVE-2024-32937
An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of Grandstream GXP2135 1.0.9.129, 1.0.11.74 and 1.0.11.79. A specially crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of malicious packets to trigger this...
CVE-2024-53584
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter...
CVE-2024-53584
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter...
CVE-2024-53584
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter...
CVE-2024-53584
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone parameter...
CVE-2024-53584
CVE-2024-53584 pertains to OpenPanel v0.3.4, which contains an OS command injection vulnerability via the timezone parameter . The vulnerability affects the endpoint that handles timezone settings (notably POST /server/timezone), enabling an attacker to inject and execute arbitrary system command...
PT-2025-2971 · Openpanel · Openpanel
Name of the Vulnerable Software and Affected Versions: OpenPanel version 0.3.4 Description: A command injection vulnerability was discovered in OpenPanel, allowing an attacker to inject system commands via the timezone parameter. This issue can potentially be exploited to execute arbitrary system...
OpenPanel 0.3.4 Command Injection Vulnerability
Exploit Title: OpenPanel 0.3.4 - OS Command Injection via The Timezone Parameter Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage: https://openpanel.com/ Software Link: https://openpanel.com/ Version: 0.3.4 Tested on: macOS CVE : CVE-2024-53584 POST...
OpenPanel 0.3.4 Command Injection
OpenPanel version 0.3.4 suffers from a remote command injection vulnerability via the timezone parameter. Exploit Title: OpenPanel 0.3.4 - OS Command Injection via The Timezone Parameter Date: Nov 25, 2024 Exploit Author: Korn Chaisuwan, Punthat Siriwan, Pongtorn Angsuchotmetee Vendor Homepage:...
SUSE-SU-2025:0235-1 Security update for java-11-openjdk
This update for java-11-openjdk fixes the following issues: Upgrade to upstream tag jdk-11.0.26+4 January 2025 CPU Security fixes: - CVE-2025-21502: Enhance array handling JDK-8330045, bsc1236278 Other changes: - JDK-8224624: Inefficiencies in CodeStrings::addcomment cause - timeouts - JDK-822504...
OSV-2025-52 Use-of-uninitialized-value in icalmemory_strdup
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=390646669 Crash type: Use-of-uninitialized-value Crash state: icalmemorystrdup icaltimezoneinitbuiltintimezones icaltimezonegetutctimezone...
PT-2025-5661 · Git +1 · Libical
Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided description. Description: The issue is related to a crash caused by the use of an uninitialized value. The crash occurs in the following sequence: icalmemory strdup, icaltimezone...
CVE-2024-6001
creationtimestamp| type| source ---|---|--- 2024-12-16 19:02:34+00:00| seen| https://t.me/cvedetector/13017...
DLA-3972-1 tzdata - new timezone database
Bulletin has no description...
The vulnerability of the FUN_0044db3c function (/goform/fast_setting_wifi_set) in the Tenda AC10 router’s microprogramming system allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.
The vulnerability of the FUN0044db3c function /goform/fastsettingwifiset of the Tenda AC10 router’s microprogramming software is related to buffer overflow in the stack when processing the timeZone parameter. Exploiting this vulnerability can allow an attacker to compromise the confidentiality,...
SUSE-SU-2024:4006-1 Security update for SUSE Manager Server 4.3
This update fixes the following issues: cobbler: - Security issues fixed: CVE-2024-47533: Prevent privilege escalation from none to admin bsc1231332 - Other bugs fixed: Increase start timeout for cobblerd unit bsc1219450 Provide syncsinglesystem for DHCP modules to improve performance bsc1219450...
CVE-2024-11061
A vulnerability classified as critical was found in Tenda AC10 16.03.10.13. Affected by this vulnerability is the function FUN0044db3c of the file /goform/fastsettingwifiset. The manipulation of the argument timeZone leads to stack-based buffer overflow. The attack can be launched remotely. The...
Tenda AC10 安全漏洞
The Tenda AC10 is an 11ac dual band router designed for homes with 200 megabit and above fiber. A stack buffer overflow vulnerability exists in the Tenda AC10. The vulnerability stems from a stack-based buffer overflow caused by the parameter timeZone in the FUN0044db3c function of the...
OPENSUSE-SU-2024:0351-1 Security update for python-mysql-connector-python
This update for python-mysql-connector-python fixes the following issues: - Update to 9.1.0 boo1231740, CVE-2024-21272 - WL16452: Bundle all installable authentication plugins when building the C-extension - WL16444: Drop build support for DEB packages - WL16442: Upgrade gssapi version to 1.8.3 -...