Lucene search
K

20 matches found

ATTACKERKB
ATTACKERKB
added 2026/02/19 8:27 a.m.2 views

CVE-2026-27094

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GoDaddy CoBlocks coblocks allows Stored XSS.This issue affects CoBlocks: from n/a through = 3.1.16...

5.5AI score0.0013EPSS
Exploits0References2
OSV
OSV
added 2025/11/20 4:53 p.m.5 views

CVE-2025-62724 Open OnDemand allowlist bypass using symlinks in directory downloads (TOCTOU)

Open OnDemand is an open-source HPC portal. Prior to versions 4.0.8 and 3.1.16, users can craft a "Time of Check to Time of Use" TOCTOU attack when downloading zip files to access files outside of the OODALLOWLIST. This vulnerability impacts sites that use the file browser allowlists in all curre...

4.3CVSS6.8AI score0.00182EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/12/11 12:0 a.m.4 views

PT-2024-36573 · Siyuan · Siyuan

Name of the Vulnerable Software and Affected Versions: Siyuan versions prior to 3.1.16 Description: Siyuan is a personal knowledge management system. The /api/asset/upload endpoint in Siyuan is vulnerable to both arbitrary file write to the host and stored Cross-Site Scripting via the file write...

9.8CVSS6AI score0.89633EPSS
Exploits15References36
Patchstack
Patchstack
added 2024/09/30 9:38 a.m.4 views

WordPress Strong Testimonials plugin <= 3.1.16 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Joshua Chan Patchstack Alliance in WordPress Plugin Strong Testimonials versions = 3.1.16...

8.8CVSS7AI score0.00396EPSS
Exploits0Affected Software1
OSV
OSV
added 2022/10/25 5:15 p.m.6 views

CVE-2022-35265

A denial of service vulnerability exists in the webserver hashFirst functionality of Robustel R1510 3.1.16 and 3.3.0. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of requests to trigger this vulnerability.This denial of service is in the...

7.5CVSS5.8AI score0.01011EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.10 views

PT-2022-22674 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. It can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...

7.5CVSS5.2AI score0.01011EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.9 views

PT-2022-22668 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of reques...

7.5CVSS5.3AI score0.00904EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.4 views

PT-2022-22669 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of reques...

7.5CVSS5.2AI score0.01011EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.5 views

PT-2022-22671 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. It can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...

7.5CVSS5.3AI score0.00904EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2022/10/25 12:0 a.m.10 views

PT-2022-22667 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. A specially-crafted network request can lead to denial of service. An attacker can send a sequence of reques...

7.5CVSS5.3AI score0.0087EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.4 views

Robustel R1510 数据伪造问题漏洞

The Robustel R1510 is an industrial VPN router from the Chinese company Robustel. The Robustel R1510 version 3.1.16 and version 3.3.0 are vulnerable to a data forgery issue. An attacker can exploit this vulnerability to update arbitrary firmware...

6.7CVSS6.6AI score0.00348EPSS
Exploits1References4
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.7 views

Robustel R1510 缓冲区错误漏洞

Robustel R1510 is an industrial VPN router from Robustel China. A buffer error vulnerability exists in Robustel R1510 version 3.1.16 and 3.3.0. The vulnerability stems from a denial-of-service vulnerability in the webserver hashFirst function, where a specially crafted network request could resul...

7.5CVSS6.1AI score0.01011EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.4 views

Robustel R1510 命令注入漏洞

Robustel R1510 is an industrial VPN router from Robustel China. A command injection vulnerability exists in Robustel R1510 version 3.1.16 and 3.3.0. The vulnerability stems from a denial-of-service vulnerability in the webserver hashFirst function, where a specially crafted network request could...

7.5CVSS6AI score0.00904EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.4 views

Robustel R1510 操作系统命令注入漏洞

The Robustel R1510 is an industrial VPN router from the Chinese company Robustel. An operating system command injection vulnerability exists in Robustel R1510 version 3.1.16 and version 3.3.0. An attacker can exploit this vulnerability to execute arbitrary commands...

9.1CVSS8.3AI score0.0338EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/10/14 12:0 a.m.5 views

Robustel R1510 缓冲区错误漏洞

Robustel R1510 is an industrial VPN router from Robustel China. A buffer error vulnerability exists in Robustel R1510 version 3.1.16 and 3.3.0. The vulnerability stems from a denial-of-service vulnerability in the webserver hashFirst function, where a specially crafted network request could resul...

7.5CVSS6.1AI score0.0087EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.4 views

PT-2022-22665 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. This can be triggered by a specially-crafted network request, allowing an attacker to send a sequence of...

7.5CVSS5.2AI score0.01084EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.9 views

PT-2022-22394 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A command injection issue exists in the web server's /action/import authorized keys/ functionality. This allows an attacker to execute arbitrary commands by sending specially crafted...

9.1CVSS8.6AI score0.0338EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/10/13 12:0 a.m.9 views

PT-2022-21449 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A command injection issue exists in the sysupgrade command injection functionality. This allows an attacker to execute arbitrary commands by sending a specially-crafted network request...

9.8CVSS9.7AI score0.03455EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2022/07/13 12:0 a.m.6 views

PT-2022-5412 · Robustel · Robustel R1510

Name of the Vulnerable Software and Affected Versions: Robustel R1510 versions 3.1.16 through 3.3.0 Description: A denial of service issue exists in the web server hashFirst functionality. This can be triggered by a specially-crafted network request, allowing an attacker to cause a denial of...

7.8CVSS5.3AI score0.01011EPSS
Exploits1References5
VulnCheck KEV
VulnCheck KEV
added 2020/12/01 12:0 a.m.2 views

VulnCheck KEV: CVE-2005-2848

Directory traversal vulnerability in img.pl in Barracuda Spam Firewall running firmware 3.1.16 and 3.1.17 allows remote attackers to read arbitrary files via a .. dot dot in the f parameter...

5CVSS5.9AI score0.0877EPSS
Exploits1References1
Rows per page
Query Builder