313 matches found
ASUS RT-AX56U 缓冲区错误漏洞
ASUS RT-AX56U is a wireless router from ASUS, China.ASUS RT-AX56U Router firmware version 3.0.0.4.386.44266 has a buffer overflow vulnerability, which stems from the strcat function's lack of length checks for user input data, which can be exploited by attackers to remotely execute commands...
CVE-2019-15167
The VRRP parser in tcpdump before 4.9.3 has a buffer over-read in print-vrrp.c:vrrpprint for VRRP version 3, a different vulnerability than CVE-2018-14463...
CVE-2022-20823
Cisco NX-OS Software OSPFv3 DoS vulnerability (CVE-2022-20823) arises from incomplete input validation of OSPFv3 LSAs. An unauthenticated remote attacker sending crafted OSPFv3 LSAs can crash and restart the OSPFv3 process, causing device reloads and DoS. The feature is disabled by default and ex...
PT-2022-4455 · Cisco · Cisco Nx-Os +1
Name of the Vulnerable Software and Affected Versions: Cisco NX-OS Software affected versions not specified Description: The issue is related to the OSPF version 3 OSPFv3 feature of Cisco NX-OS Software and is due to incomplete input validation of specific OSPFv3 packets. This could allow an...
Default credentials
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force the device password...
CVE-2022-36301
BF-OS version 3.x up to and including 3.83 do not enforce strong passwords which may allow a remote attacker to brute-force the device password...
CVE-2022-36301
CVE-2022-36301 affects BF-OS versions 3.x up to 3.83. The vulnerability arises from not enforcing strong passwords, enabling a remote attacker to brute-force the device password. Documented impact is high for confidentiality and availability, with the base CVSS indicating network access, low comp...
PT-2022-7817 · Red Hat · Openshift Origin
Name of the Vulnerable Software and Affected Versions: Openshift Origin version 3 Description: The issue is related to insecure cookies being set in the console of Openshift Origin. Specifically, the cookies lack 'secure' and 'HttpOnly' attributes. Recommendations: For Openshift Origin version 3,...
Moodle Portfolio forum caller class allows a user to download any file
An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL...
CVE-2022-24858
next-auth v3 users before version 3.29.2 are impacted. next-auth version 4 users before version 4.3.2 are also impacted. Upgrading to 3.29.2 or 4.3.2 will patch this vulnerability. If you are not able to upgrade for any reason, you can add a configuration to your callbacks option. If you already...
GHSA-VP5X-3V8R-QPRW Deserialization of Untrusted Data in Dubbo
A deserialization vulnerability existed in dubbo hessian-lite 3.2.11 and its earlier versions, which could lead to malicious code execution. Most Dubbo users use Hessian2 as the default serialization/deserialization protocol, during Hessian catch unexpected exceptions, Hessian will log out some...
GHSA-Q656-G2X3-8CGH Kylin can receive user input and load any class through Class.forName(...).
Kylin can receive user input and load any class through Class.forName.... This issue affects Apache Kylin 2 version 2.6.6 and prior versions; Apache Kylin 3 version 3.1.2 and prior versions; Apache Kylin 4 version 4.0.0 and prior versions...
admin-tool-button (>=1.0.1a0 <=1.0.5a0), apis-ampel (=0.1.0) +51 more potentially affected by CVE-2021-45452 via django (>=3.2.0 <=3.2.10)
django PYPI version =3.2.0, =1.0.1a0, =0.2.0, =22.0.0.dev21, =22.0.0.dev13, =22.0.0.dev29, =22.0.0.dev30 - autoreduce-utils =0.1.0 - common-framework =2021.4.1 - directory-validators =9.0.0 - django-admin-taggit-ui =0.1.0.dev0 - django-blocklist =1.0.0 - django-brazilian-zipcode =0.1.0 -...
Siemens S7 Layer 2 - Denial of Service (DoS)
Exploit Title: Siemens S7 Layer 2 - Denial of Service DoS Date: 21/10/2021 Exploit Author: RoseSecurity Vendor Homepage: https://www.siemens.com/us/en.html Version: Firmware versions = 3 Tested on: Siemens S7-300, S7-400 PLCs !/usr/bin/python3 from scapy.all import from colorama import Fore, Back...
Sonatype Nexus Repository Manager 3.x < 3.21.2 RCE
The Sonatype Nexus Repository Manager server application running on the remote host is version 3.x prior to 3.21.2. It is, therefore, affected by a remote code execution vulnerability, which allows for an attacker with any type of account on NXRM to execute arbitrary code by crafting a malicious...
Python 'socket.recvfrom_into' Buffer Overflow Vulnerability (Mar 2014) - Linux
Python is prone to a buffer overflow vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescription...
Bludit 跨站脚本漏洞
Bludit is an open source lightweight blog content management system CMS. A security vulnerability exists in version 3-13-1 of bludit. No more information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...
CVE-2021-38454
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries...
CVE-2021-38458
A path traversal vulnerability in the Moxa MXview Network Management software Versions 3.x to 3.2.2 may allow an attacker to create or overwrite critical files used to execute code, such as programs or libraries...
LimeSurvey 3.x-LTS < 3.27.19 XSS Vulnerability
LimeSurvey is prone to a cross-site scripting XSS vulnerability in assets/scripts/modaldialog.js and assets/scripts/uploader.js. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...