Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

5284 matches found

Positive Technologies
Positive Technologiesadded 2024/02/05 12:0 a.m.3 views

PT-2024-20331 · Unknown · Lotos Webserver

Name of the Vulnerable Software and Affected Versions: Lotos WebServer version 0.1.1 Description: A Use-After-Free UAF issue was discovered in the response append status line function at /lotos/src/response.c. This issue can be exploited, but details about the estimated number of potentially...

7.5CVSS7.4AI score0.00142EPSS
Exploits1References6
CNNVD
CNNVDadded 2024/02/05 12:0 a.m.3 views

Lotos WebServer Security Vulnerability

Lotos WebServer is a small but high-performance HTTP WebServer that follows the Reactor model and uses non-blocking IO and IO multiplexing epoll ET to handle concurrency. A security vulnerability exists in Lotos WebServer version v0.1.1, which was discovered to contain a memory reuse-after-freedo...

7.5CVSS7.1AI score0.00142EPSS
Exploits1References2
Tenable Nessus
Tenable Nessusadded 2024/01/17 12:0 a.m.56 views

Dell iDRAC6 Out-of-bounds Write (CVE-2019-3705)

Dell EMC iDRAC6 versions prior to 2.92, iDRAC7/iDRAC8 versions prior to 2.61.60.60, and iDRAC9 versions prior to 3.20.21.20, 3.21.24.22, 3.21.26.22 and 3.23.23.23 contain a stack-based buffer overflow vulnerability. An unauthenticated remote attacker may potentially exploit this vulnerability to...

10CVSS8.3AI score0.02104EPSS
Exploits0References2
0day.today
0day.todayadded 2024/01/15 12:0 a.m.308 views

Xitami 2.5 Denial Of Service Exploit

!/usr/bin/perl use IO::Socket::INET; Exploit Title: Xitami 2.5 - Denial of Service DoS Discovery by: Fernando Mengali Discovery Date: 14 january 2024 Vendor Homepage: https://imatix-legacy.github.io/xitami.com/ Download to demo:...

7.4AI score
Exploits0
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.22 views

D-Link DIR-X3260 prog.cgi SetIPv6PppoeSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01749EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.22 views

D-Link DIR-X3260 prog.cgi SetWanSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01749EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.29 views

D-Link DIR-X3260 prog.cgi SetMyDLinkRegistration Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01749EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.22 views

D-Link DIR-X3260 prog.cgi SetWLanRadioSecurity Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01749EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.20 views

D-Link DIR-X3260 prog.cgi SetUsersSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01372EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.26 views

D-Link DIR-X3260 prog.cgi SetDeviceSettings Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01044EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.19 views

D-Link DIR-X3260 prog.cgi SetTriggerPPPoEValidate Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01044EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiativeadded 2024/01/11 12:0 a.m.21 views

D-Link DIR-X3260 prog.cgi SetSysEmailSettings Stack-Based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. Authentication is required to exploit this vulnerability. The specific flaw exists within the prog.cgi binary, which handles HNAP requests made to the lighttpd...

6.8CVSS7.5AI score0.01749EPSS
Exploits0References1
Fedora
Fedoraadded 2024/01/08 1:24 a.m.56 views

[SECURITY] Fedora 39 Update: python-aiohttp-3.9.1-1.fc39

Python HTTP client/server for asyncio which supports both the client and the server side of the HTTP protocol, client and server websocket, and webservers with middlewares and pluggable routing...

7.2CVSS6.3AI score0.00457EPSS
Exploits2
CNNVD
CNNVDadded 2024/01/07 12:0 a.m.4 views

TOTOLINK X2000R 安全漏洞

TOTOLINK X2000R is a wireless router from China's Gion Electronics TOTOLINK. A buffer overflow vulnerability exists in TOTOLINK X2000R X2000RV2 version 2.0.0-B20230727.10434. The vulnerability stems from the formTmultiAP function in file /bin/boa failing to properly validate the length size of th...

9.8CVSS8.1AI score0.00422EPSS
Exploits1References4
OSV
OSVadded 2024/01/05 4:15 a.m.11 views

CVE-2024-22088

Lotos WebServer through 0.1.1 commit 3eb36cc has a use-after-free in bufferavail at buffer.h via a long URI, because realloc is mishandled...

9.8CVSS6.9AI score
Exploits0References1
NVD
NVDadded 2024/01/05 4:15 a.m.11 views

CVE-2024-22088

Lotos WebServer through 0.1.1 commit 3eb36cc has a use-after-free in bufferavail at buffer.h via a long URI, because realloc is mishandled...

9.8CVSS9.4AI score0.00222EPSS
Exploits1References1
Prion
Prionadded 2024/01/05 4:15 a.m.15 views

Design/Logic Flaw

Lotos WebServer through 0.1.1 commit 3eb36cc has a use-after-free in bufferavail at buffer.h via a long URI, because realloc is mishandled...

7.5CVSS7.2AI score0.00222EPSS
Exploits1References1Affected Software1
CNNVD
CNNVDadded 2024/01/05 12:0 a.m.2 views

Lotos WebServer Security Vulnerability

Lotos WebServer is a small but high-performance HTTP WebServer that follows the Reactor model and uses non-blocking IO and IO multiplexing epoll ET to handle concurrency. A security vulnerability exists in Lotos WebServer version 0.1.1 and earlier, which stems from improper realloc handling, the...

9.8CVSS6.8AI score0.00222EPSS
Exploits1References2
Cvelist
Cvelistadded 2024/01/05 12:0 a.m.15 views

CVE-2024-22088

Lotos WebServer through 0.1.1 commit 3eb36cc has a use-after-free in bufferavail at buffer.h via a long URI, because realloc is mishandled...

9.7AI score0.00222EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2024/01/05 12:0 a.m.2 views

PT-2024-19199 · Unknown · Lotos Webserver

Name of the Vulnerable Software and Affected Versions: Lotos WebServer versions through 0.1.1 Description: The issue is related to a use-after-free in the buffer avail function at buffer.h, which occurs when handling a long URI. This is due to the mishandling of realloc. Recommendations: For...

9.8CVSS7.2AI score0.00222EPSS
Exploits1References7
Rows per page
Query Builder