Lucene search
+L

208 matches found

Positive Technologies
Positive Technologies
added 2024/09/27 12:0 a.m.6 views

PT-2024-31819 · Facebook · Facebook Thrift

Name of the Vulnerable Software and Affected Versions: Facebook Thrift versions v2024.09.09.00 through v2024.09.23.00 Description: A null-dereference vulnerability involving parsing requests specifying invalid protocols can cause the application to crash or potentially result in other undesirable...

5.3CVSS7.1AI score0.00351EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/09/16 12:0 a.m.8 views

PT-2024-7673 · Intel · Intel Raid Web Console

Name of the Vulnerable Software and Affected Versions: IntelR RAID Web Console software all versions Description: The issue is related to improper access control in the IntelR RAID Web Console software, which may allow an authenticated user to potentially enable denial of service via adjacent...

5.7CVSS6.8AI score0.00224EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/09/10 12:0 a.m.9 views

PT-2024-6586 · Ivanti · Ivanti Workspace Control

Name of the Vulnerable Software and Affected Versions: Ivanti Workspace Control versions 10.18.0.0 and below Description: The issue is related to insufficient server-side controls in the management console of Ivanti Workspace Control, which can be exploited by a local authenticated attacker to...

8.8CVSS7.2AI score0.00245EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.7 views

PT-2024-38813 · WordPress · Wp Extended

Name of the Vulnerable Software and Affected Versions: The Ultimate WordPress Toolkit – WP Extended plugin for WordPress version 3.0.8 and earlier Description: The issue allows authenticated attackers with Subscriber-level access and above to change an admin's username to a username of their...

5.4CVSS7.1AI score0.00323EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2024/09/03 12:0 a.m.5 views

PT-2024-26082 · Samsung · Samsung Assistant

Name of the Vulnerable Software and Affected Versions: Samsung Assistant versions prior to 9.1.00.7 Description: The issue is related to the improper handling of insufficient permissions in Samsung Assistant, allowing remote attackers to access location data. User interaction is required for...

4.3CVSS7.2AI score0.00323EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/09/02 12:0 a.m.8 views

PT-2024-6139 · Zyxel · Wax655E +4

Name of the Vulnerable Software and Affected Versions: Zyxel NWA1123ACv3 versions 6.70ABVT.4 and earlier Zyxel WAC500 versions 6.70ABVS.4 and earlier Zyxel WAX655E versions 7.00ACDO.1 and earlier Zyxel WBE530 versions 7.00ACLE.1 and earlier Zyxel USG LITE 60AX version V2.00ACIP.2 Description: The...

10CVSS8.3AI score0.11269EPSS
Exploits0References57
Positive Technologies
Positive Technologies
added 2024/08/30 12:0 a.m.4 views

PT-2024-7592

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.58 Description The issue is related to a race condition between timeout and normal completion in the nbd module of the Linux kernel. This can lead to a use-after-free condition, potentially allowing an attack...

7CVSS5.4AI score0.00201EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2024/08/26 12:0 a.m.9 views

PT-2024-31184 · Tenda · Tenda Ax1806

Name of the Vulnerable Software and Affected Versions: Tenda AX1806 version 1.0.0.1 Description: The issue is a stack overflow that occurs via the serverName parameter in the form fast setting internet set function. Recommendations: For Tenda AX1806 version 1.0.0.1, as a temporary workaround,...

9.8CVSS7.4AI score0.00612EPSS
Exploits1References9
Positive Technologies
Positive Technologies
added 2024/08/22 12:0 a.m.13 views

PT-2024-5978 · Microsoft · Edge

Name of the Vulnerable Software and Affected Versions: Microsoft Edge Chromium-based versions prior to 128.0.2739.42 Description: The issue is related to insufficient input validation in Microsoft Edge, allowing an attacker to execute arbitrary code. There is no information provided about the...

7.8CVSS7.1AI score0.00653EPSS
Exploits0References12
Positive Technologies
Positive Technologies
added 2024/08/19 12:0 a.m.6 views

PT-2024-38693 · Zzcms · Zzcms

Name of the Vulnerable Software and Affected Versions: ZZCMS version 2023 Description: A critical vulnerability was found in ZZCMS, affecting an unknown functionality of the file "/admin/class.php?dowhat=modifyclass". The manipulation of the argument skin leads to path traversal. The attack can b...

7.5CVSS7.4AI score0.00932EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/08/14 12:0 a.m.11 views

PT-2024-38595 · Unknown · Code-Projects Job Portal

Name of the Vulnerable Software and Affected Versions: code-projects Job Portal version 1.0 Description: A critical issue was found in the logindbc.php file, where an unknown function is affected. The manipulation of the email argument leads to SQL injection. It is possible to launch the attack...

9.8CVSS8AI score0.01235EPSS
Exploits2References10
Positive Technologies
Positive Technologies
added 2024/08/12 12:0 a.m.5 views

PT-2024-30007 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.5822 B20200513 Description: The issue is a buffer overflow vulnerability in the ssid parameter within the setWizardCfg function. This vulnerability can be exploited, potentially allowing unauthorized access or...

9.8CVSS7.4AI score0.00663EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/08/07 12:0 a.m.5 views

PT-2024-10350 · Unknown · Opigno Learning Path

Name of the Vulnerable Software and Affected Versions: Opigno Learning path versions 0.0.0 through 3.1.2 Description: The issue is related to improper neutralization of directives in statically saved code, also known as 'static code injection', which allows for PHP Local File Inclusion. This can...

7.5CVSS8AI score0.00547EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2024/07/29 12:0 a.m.14 views

PT-2024-38155 · Mp3Tag · Mp3Tag

Name of the Vulnerable Software and Affected Versions: Mp3tag versions up to 3.26d Description: A vulnerability has been found in the library tak deco lib.dll of the component DLL Handler, leading to an uncontrolled search path. The manipulation can be launched on the local host. It is possible t...

7.8CVSS7AI score0.00353EPSS
Exploits1References10
Positive Technologies
Positive Technologies
added 2024/07/28 12:0 a.m.5 views

PT-2024-38128 · Unknown · Sourcecodester School Fees Payment System

Name of the Vulnerable Software and Affected Versions: SourceCodester School Fees Payment System version 1.0 Description: A critical issue has been found in the system, affecting an unknown function of the file /receipt.php. The manipulation of the ef id argument leads to SQL injection. This issu...

8.8CVSS8.1AI score0.00532EPSS
Exploits1References8
Positive Technologies
Positive Technologies
added 2024/07/08 12:0 a.m.8 views

PT-2024-37734 · /N · Ipworks Ssh

Name of the Vulnerable Software and Affected Versions: /n software IPWorks SSH versions prior to 22.0.8945 /n software IPWorks SSH versions prior to 24.0.8945 Description: The /n software IPWorks SSH library SFTPServer component can be induced to make unintended filesystem or network path request...

9.8CVSS9.5AI score0.75812EPSS
Exploits3References6
Positive Technologies
Positive Technologies
added 2024/07/01 12:0 a.m.6 views

PT-2024-26988

Name of the Vulnerable Software and Affected Versions Flowise version 1.4.3 Description The issue concerns a lack of sanitization of the fileName body parameter in the "/api/v1/openai-assistants-file" endpoint, which is located in the index.ts file. This lack of sanitization leads to an arbitrary...

8.7CVSS7.2AI score0.01776EPSS
Exploits3References10
Positive Technologies
Positive Technologies
added 2024/06/14 12:0 a.m.6 views

PT-2024-27698 · Trendnet · Trendnet Tew-814Dap

Name of the Vulnerable Software and Affected Versions: TRENDnet TEW-814DAP version v1 FW1.01B01 Description: A stack overflow issue was discovered via the submit-url parameter at the "/formSysLog" API endpoint. Recommendations: For TRENDnet TEW-814DAP version v1 FW1.01B01, as a temporary...

8.8CVSS7.4AI score0.00683EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2024/06/13 12:0 a.m.6 views

PT-2024-27689 · Totolink · Totolink A3700R

Name of the Vulnerable Software and Affected Versions: TOTOLINK A3700R version 9.1.2u.6165 20211012 Description: A stack overflow issue was discovered in the setWiFiBasicCfg function via the ssid parameter. This issue can potentially be exploited. Recommendations: For TOTOLINK A3700R version...

9.8CVSS7.4AI score0.00663EPSS
Exploits1References7
Positive Technologies
Positive Technologies
added 2024/06/08 12:0 a.m.9 views

PT-2024-37139 · Netentsec · Netentsec Ns-Asg Application Security Gateway

Name of the Vulnerable Software and Affected Versions: Netentsec NS-ASG Application Security Gateway version 6.3 Description: A critical issue was found in the Netentsec NS-ASG Application Security Gateway. The problem is related to an unknown function of the file...

9.8CVSS7.1AI score0.00651EPSS
Exploits1References9
Rows per page
Query Builder