Lucene search
K

304 matches found

Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.5 views

PT-2024-27696 · Trendnet · Trendnet Tew-814Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-814DAP version 1 FW1.01B01 Description: A stack overflow issue was discovered via the submit-url parameter at the "/formPasswordAuth" API endpoint. Recommendations: For TRENDnet TEW-814DAP version 1 FW1.01B01, avoid using the...

8.8CVSS7.2AI score0.00683EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/04/08 12:0 a.m.8 views

PT-2024-23556 · Unknown · Ros Melodic Morenia

Name of the Vulnerable Software and Affected Versions: ROS Robot Operating System Melodic Morenia versions 1 Description: The issue allows attackers to execute arbitrary code, cause a denial of service DoS, and obtain sensitive information via the file upload component. Recommendations: For ROS...

8AI score
Exploits0References3
NVD
NVD
added 2024/03/01 11:15 p.m.16 views

CVE-2024-27355

An issue was discovered in phpseclib 1.x before 1.0.23, 2.x before 2.0.47, and 3.x before 3.0.36. When processing the ASN.1 object identifier of a certificate, a sub identifier may be provided that leads to a denial of service CPU consumption for decodeOID...

7.5CVSS7.3AI score0.00569EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/01/24 12:0 a.m.7 views

Pimcore SQL Injection Vulnerability

Pimcore is Austria Pimcore company's set of open source for creating and managing Web applications Web content management platform. The platform integrates Web content management, e-commerce frameworks and product information management applications. A SQL injection vulnerability exists in Pimcor...

8.8CVSS8.1AI score0.00755EPSS
Exploits1References6
ATTACKERKB
ATTACKERKB
added 2023/12/26 6:15 p.m.2 views

CVE-2023-51100

Tenda W9 V1.0.0.74456CN was discovered to contain a command injection vulnerability via the function formGetDiagnoseInfo...

9.8CVSS5.8AI score0.01842EPSS
Exploits1References2
OSV
OSV
added 2023/11/21 9:15 a.m.5 views

CVE-2023-5776

The Post Meta Data Manager plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.2.1. This is due to missing nonce validation on the pmdmwpajaxdeletemeta, pmdmwpdeleteusermeta, and pmdmwpdeleteusermeta functions. This makes it possible for...

8.8CVSS5.8AI score0.00292EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.23 views

Rockwell Automation Stratix Cisco IOS and IOS XE Software Internet Key Exchange Version 1 Fragmentation Denial of Service (CVE-2016-6381)

A vulnerability in the Internet Key Exchange version 1 IKEv1 fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected system. The vulnerability is due to the improper handling of...

7.5CVSS7.1AI score0.03213EPSS
Exploits0References4
Fedora
Fedora
added 2023/09/07 1:29 a.m.24 views

[SECURITY] Fedora 38 Update: tinyexr-1.0.1-7.fc38

TinyEXR is a small library to load and save OpenEXR images. It supports the version 1 format and version 2 multi-part images, and it has partial support for version 2 deep images...

8.8CVSS6.8AI score0.01354EPSS
Exploits1
OpenVAS
OpenVAS
added 2023/08/28 12:0 a.m.26 views

Debian: Security Advisory (DSA-5332-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.56334EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2023/07/05 3:15 a.m.4 views

CVE-2022-42175

Insecure Direct Object Reference vulnerability in WHMCS module SolusVM 1 4.1.2 allows an attacker to change the password and hostname of other customer servers without authorization...

8.8CVSS5.8AI score0.00627EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/06/21 12:0 a.m.18 views

Debian: Security Advisory (DLA-3460-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.6AI score0.28661EPSS
Exploits1References4
OpenVAS
OpenVAS
added 2023/04/24 12:0 a.m.17 views

Debian: Security Advisory (DLA-3394-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS8.7AI score0.0233EPSS
Exploits1References4
OSV
OSV
added 2023/04/23 12:15 p.m.4 views

CVE-2023-23879

Cross-Site Request Forgery CSRF vulnerability in Nicolas Zeh PHP Execution plugin = 1.0.0 versions...

8.8CVSS7.4AI score0.003EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/04/06 12:0 a.m.8 views

PT-2023-11804

Name of the Vulnerable Software and Affected Versions Tailor Mangement System version 1 Description A SQL injection issue allows a remote attacker to execute arbitrary code via the title parameter. This enables the attacker to potentially access or modify sensitive data. Recommendations For Tailo...

8.8CVSS8.5AI score0.01378EPSS
Exploits1References5
0day.today
0day.today
added 2023/03/31 12:0 a.m.156 views

SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Vulnerability

Exploit Title: SOUND4 IMPACT/FIRST/PULSE/Eco v2.x - Directory Traversal File Write Exploit Exploit Author: LiquidWorm Vendor: SOUND4 Ltd. Product web page: https://www.sound4.com | https://www.sound4.biz Affected version: FM/HD Radio Processing: Impact/Pulse/First Version 2: 1.1/2.15...

7.4AI score
Exploits0
ALT Linux
ALT Linux
added 2023/03/17 12:0 a.m.121 views

Security fix for the ALT Linux 10 package apache2 version 1:2.4.56-alt1

1:2.4.56-alt1 built March 17, 2023 Anton Farygin in task 316447 March 9, 2023 Anton Farygin - 2.4.56 Fixes: CVE-2023-25690, CVE-2023-27522...

8.8AI score0.8377EPSS
Exploits5
F5 Networks
F5 Networks
added 2023/02/21 7:49 p.m.17 views

K5718: IKE version 1 multiple vulnerabilities CERT VU#226364

Security Advisory Description Note : Versions that are not listed in this article have not been evaluated for vulnerability to this security advisory. For information about the F5 security policy regarding evaluating older and unsupported versions of F5 products, refer to K4602: Overview of the F...

7AI score
Exploits0
OSV
OSV
added 2023/02/17 6:15 p.m.3 views

CVE-2021-33948

SQL injection vulnerability in FantasticLBP Hotels Server v1.0 allows attacker to execute arbitrary code via the username parameter...

9.8CVSS6.1AI score0.00821EPSS
Exploits1References1
ALT Linux
ALT Linux
added 2023/02/16 12:0 a.m.67 views

Security fix for the ALT Linux 9 package apache2 version 1:2.4.55-alt1

1:2.4.55-alt1 built Feb. 16, 2023 Anton Farygin in task 314497 Feb. 1, 2023 Anton Farygin - 2.4.55 Fixes: CVE-2022-37436, CVE-2006-20001, CVE-2022-36760...

7.4AI score0.57941EPSS
Exploits0
ALT Linux
ALT Linux
added 2023/02/07 12:0 a.m.66 views

Security fix for the ALT Linux 10 package apache2 version 1:2.4.55-alt1

1:2.4.55-alt1 built Feb. 7, 2023 Anton Farygin in task 314495 Feb. 1, 2023 Anton Farygin - 2.4.55 Fixes: CVE-2022-37436, CVE-2006-20001, CVE-2022-36760...

7.4AI score0.57941EPSS
Exploits0
Rows per page
Query Builder