Lucene search
K

348 matches found

Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.4 views

PT-2024-36447 · Unknown · Kashipara E-Learning Management System

Name of the Vulnerable Software and Affected Versions: KASHIPARA E-learning Management System version 1.0 Description: The issue concerns a SQL Injection vulnerability in the /admin/delete subject.php endpoint. This vulnerability allows for potential exploitation by injecting malicious SQL code...

7.2CVSS7.6AI score0.00493EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/12/09 12:0 a.m.5 views

PT-2024-9970

Name of the Vulnerable Software and Affected Versions: Apache Superset versions 2.0.0 through 4.1.0 Description: The issue is related to an improper authorization procedure in the FAB ADD SECURITY API component of Apache Superset, allowing lower privilege users to use this API. This can potential...

7.6CVSS6.7AI score0.00653EPSS
Exploits0References19
Positive Technologies
Positive Technologies
added 2024/12/08 12:0 a.m.10 views

PT-2024-36975

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description The issue is related to an invalid access to prog array in perf event detach bpf prog. A crash occurs when a tracepoint perf event with attr.inherit=1 is created, attached to a process, and a b...

5.5CVSS5.5AI score0.00214EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/11/25 12:0 a.m.6 views

PT-2024-9998 · NetGear · Netgear R6900P

Name of the Vulnerable Software and Affected Versions: Netgear R6900 version 1.0.1.26 1.0.20 Description: A critical vulnerability has been found in the Netgear R6900 router, affecting an unknown functionality of the file upgrade check.cgi in the HTTP Header Handler component. The manipulation of...

7.1CVSS8.4AI score0.00776EPSS
Exploits0References11
Positive Technologies
Positive Technologies
added 2024/11/12 12:0 a.m.7 views

PT-2024-8973 · Citrix · Citrix Netscaler Application Delivery Controller +1

Name of the Vulnerable Software and Affected Versions: Citrix NetScaler Application Delivery Controller ADC and Citrix NetScaler Gateway affected versions not specified Description: The issue is related to a memory safety vulnerability that can lead to memory corruption and Denial of Service in...

8.4CVSS7.6AI score0.00562EPSS
Exploits0References31
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.4 views

PT-2024-8230 · Tenda · Tenda Ac10

Name of the Vulnerable Software and Affected Versions: Tenda AC10 version 16.03.10.13 Description: A critical vulnerability was found in the function FUN 0046AC38 of the file /goform/WifiExtraSet. The manipulation of the argument wpapsk crypto leads to a stack-based buffer overflow. It is possibl...

9CVSS8.9AI score0.01043EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2024/11/01 12:0 a.m.4 views

PT-2024-16407 · Safenet · Esafenet Cdg

Name of the Vulnerable Software and Affected Versions: ESAFENET CDG version 5 Description: A critical issue affects the delProtocol function of the file /com/esafenet/servlet/system/PrintScreenListService.java. The manipulation of the id argument leads to SQL injection. The attack may be initiate...

8.8CVSS7.1AI score0.00543EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.8 views

PT-2024-34578 · Draytek · Draytek Vigor3900

Name of the Vulnerable Software and Affected Versions: DrayTek Vigor3900 version 1.5.1.3 Description: The issue allows attackers to inject malicious commands into mainfunction.cgi and execute arbitrary commands by calling the ruequest certificate function. Recommendations: For DrayTek Vigor3900...

9.8CVSS7.8AI score0.00375EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/10/28 12:0 a.m.5 views

PT-2024-8854 · D Link · D-Link Dir-820L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-820L version 1.05b03 Description: The issue is related to the ping v4 and ping v6 functions in the D-Link DIR-820L router's firmware, which fails to properly sanitize data when handling the ping addr parameter. This can allow a...

8CVSS8AI score0.00835EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/10/27 12:0 a.m.4 views

PT-2024-16273 · Wavlink · Wavlink Wn572Hp3 +1

Name of the Vulnerable Software and Affected Versions: WAVLINK WN530H4 versions up to 20221028 WAVLINK WN530HG4 versions up to 20221028 WAVLINK WN572HG3 versions up to 20221028 Description: A critical issue affects the set ipv6 function of the firewall.cgi file, where manipulation of the...

8.6CVSS7.7AI score0.1413EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/10/25 12:0 a.m.7 views

PT-2024-11558 · Ovaledge · Ovaledge

Name of the Vulnerable Software and Affected Versions: OvalEdge versions 5.2.8.0 and earlier Description: The issue is related to multiple Stored XSS also known as Persistent or Type II vulnerabilities. These vulnerabilities can be exploited via a POST request to the "/profile/updateProfile" API...

6.4CVSS6.2AI score0.00274EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/10/15 12:0 a.m.8 views

PT-2024-36895

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A vulnerability has been resolved in the Linux kernel related to the scsi: hisi sas driver. The issue occurs when the dump is triggered while the driver is unbind, causing a hang due to ...

5.5CVSS5.4AI score0.0023EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/10/06 12:0 a.m.5 views

PT-2024-7098 · D Link · Dir-605L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: A critical issue has been found in the function formWlanSetup Wizard of the file /goform/formWlanSetup Wizard. The manipulation of the argument webpage leads to buffer overflow. This issue...

9CVSS9.1AI score0.01374EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2024/10/05 12:0 a.m.7 views

PT-2024-7468 · D Link · Dir-605L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: A critical vulnerability has been found in the function formAdvanceSetup of the file /goform/formAdvanceSetup. The manipulation of the argument webpage leads to buffer overflow. The attack can...

9CVSS9.1AI score0.0145EPSS
Exploits1References16
Positive Technologies
Positive Technologies
added 2024/10/03 12:0 a.m.4 views

PT-2024-31823 · Bandisoft · Bandiview

Name of the Vulnerable Software and Affected Versions: Bandisoft BandiView version 7.05 Description: The issue is related to incorrect access control via the sub 0x232bd8 function, resulting in a denial of service DOS. Recommendations: For Bandisoft BandiView version 7.05, consider disabling the...

6.3CVSS7AI score0.00425EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/10/01 12:0 a.m.6 views

PT-2024-31900 · Unknown · Scriptcase

Name of the Vulnerable Software and Affected Versions: Scriptcase versions 9.10.023 and earlier Description: The issue is a Remote Code Execution RCE vulnerability caused by the nm zip function. This allows for remote code execution, potentially leading to unauthorized access and control of the...

8CVSS8.3AI score0.00731EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/09/30 12:0 a.m.6 views

PT-2024-9599 · Tenda · Tenda G3

Name of the Vulnerable Software and Affected Versions: Tenda G3 version 3.0 v15.11.0.20 Description: The issue is related to the formSetDebugCfg function in the Tenda G3 wireless access point firmware, which is associated with incorrect filtering of the enable, level, and module parameter values...

8.8CVSS8AI score0.01642EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/09/25 12:0 a.m.11 views

PT-2024-32396 · Django +1 · Django +1

Name of the Vulnerable Software and Affected Versions: Strawberry GraphQL versions prior to 0.243.0 Description: The issue concerns Strawberry GraphQL, a library for creating GraphQL APIs. Prior to version 0.243.0, multipart file upload support was enabled by default in all Strawberry HTTP view...

8CVSS7.6AI score0.0023EPSS
Exploits0References13
Positive Technologies
Positive Technologies
added 2024/09/18 12:0 a.m.5 views

PT-2024-32054 · Draytek · Draytek Vigor 3910

Name of the Vulnerable Software and Affected Versions: Draytek Vigor 3910 version 4.3.2.6 Description: A buffer overflow issue was discovered in the extRadSrv2 parameter at the "cgiapp.cgi" endpoint. This issue allows attackers to cause a Denial of Service DoS via a crafted input. Recommendations...

7.5CVSS7.6AI score0.0045EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/09/16 12:0 a.m.7 views

PT-2024-31993 · Totolink · Totolink Ac1200 T8

Name of the Vulnerable Software and Affected Versions: TOTOLINK AC1200 T8 version 4.1.5cu.861 B20230220 Description: The issue is a buffer overflow vulnerability in the setWiFiAclRules function via the desc parameter. This vulnerability can be exploited, but details about the estimated number of...

9.8CVSS7.5AI score0.01247EPSS
Exploits1References9
Rows per page
Query Builder