Lucene search
K

419 matches found

Patchstack
Patchstack
added 2025/07/30 3:2 p.m.7 views

WordPress Button Block Plugin plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) Vulnerability

Cross Site Request Forgery CSRF Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Button Block versions = 1.2.0...

4.3CVSS6.6AI score0.00135EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/07/22 11:10 a.m.14 views

WordPress AI Tools <= 4.0.7 - Arbitrary Content Deletion Vulnerability

Arbitrary Content Deletion Vulnerability discovered by theviper17 in WordPress Plugin AI Tools versions = 4.0.7...

6.5CVSS6.6AI score0.00299EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/06 1:26 p.m.6 views

WordPress Min Max Step Quantity Limits Manager for WooCommerce plugin <= 5.1.0 - Cross Site Request Forgery (CSRF) vulnerability

Cross Site Request Forgery CSRF vulnerability discovered by Mika Patchstack Alliance in WordPress Plugin Min Max Step Quantity Limits Manager for WooCommerce versions = 5.1.0...

4.3CVSS6.8AI score0.0015EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/06/05 12:5 a.m.9 views

WordPress POEditor plugin <= 0.9.10 - CSRF to Arbitrary File Deletion vulnerability

CSRF to Arbitrary File Deletion vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin POEditor versions = 0.9.10...

7.4CVSS6.8AI score0.00166EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/23 7:2 a.m.8 views

CVE-2024-44415

A vulnerability was discovered in DI8200-16.07.26A1, There is a buffer overflow in the dbsrvasp function; The strcpy function is executed without checking the length of the string, leading to a buffer overflow...

6.5CVSS7.4AI score0.00348EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:53 p.m.7 views

CVE-2022-46476

D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the service= variable in the soapcgimain function...

9.8CVSS7.9AI score0.41055EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 4:50 p.m.7 views

CVE-2020-8090

The Username field in the Storage Service settings of A1 WLAN Box ADB VV2220v2 devices allows stored XSS after a successful Administrator login...

4.8CVSS5.9AI score0.00625EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:56 p.m.14 views

CVE-2018-4025

An exploitable denial-of-service vulnerability exists in the XMLGetRawEncJpg Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted packet can cause an invalid memory dereference, resulting in a device reboot...

7.8CVSS7AI score0.0164EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:55 a.m.6 views

CVE-2018-4018

An exploitable firmware update vulnerability exists in the NT9665X Chipset firmware, running on Anker Roav A1 Dashcam version RoavA1SWV1.9. The HTTP server allows for arbitrary firmware binaries to be uploaded which will be flashed upon next reboot. An attacker can send an HTTP PUT request or...

10CVSS7AI score0.02332EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:48 a.m.12 views

CVE-2018-4017

An exploitable vulnerability exists in the Wi-Fi Access Point feature of the Roav A1 Dashcam running version RoavA1SWV1.9. A set of default credentials can potentially be used to connect to the device. An attacker can connect to the AP to trigger this vulnerability...

8.8CVSS6.8AI score0.00494EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 3:47 a.m.9 views

CVE-2018-4026

An exploitable denial-of-service vulnerability exists in the XMLGetScreen Wi-Fi command of the NT9665X Chipset firmware, running on the Anker Roav A1 Dashcam, version RoavA1SWV1.9. A specially crafted set of packets can cause an invalid memory dereference, resulting in a device reboot...

7.8CVSS7AI score0.01469EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2025/05/12 12:0 a.m.8 views

The vulnerability of the SetVirtualServerSettings module in D-Link DIR-853 A1 router microprogramming software allows a hacker to execute arbitrary commands.

The vulnerability of the SetVirtualServerSettings module in D-Link DIR-853 A1 router microprogramming software is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS7AI score0.01671EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2025/05/05 12:14 p.m.6 views

WordPress External image replace plugin <= 1.0.8 - Authenticated (Contributor+) Arbitrary File Upload vulnerability

Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by István Márton in WordPress Plugin External image replace versions = 1.0.8...

8.8CVSS8.4AI score0.00618EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2025/05/02 1:52 p.m.12 views

WordPress Web3Press – Decentralize Publishing with Writing NFT plugin <= 3.2.0 - Arbitrary File Read vulnerability

Arbitrary File Read vulnerability discovered by ch4r0n in WordPress Plugin Web3Press versions = 3.2.0...

6.5CVSS8.9AI score0.00416EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/16 2:2 p.m.7 views

WordPress WP Tools plugin <= 5.18 - CSRF to Arbitrary File Deletion vulnerability

CSRF to Arbitrary File Deletion vulnerability discovered by chuck in WordPress Plugin WP Tools versions = 5.18...

7.4CVSS8.4AI score0.00234EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/04/16 1:54 p.m.8 views

WordPress Administrator Z plugin <= 2025.03.28 - Directory Traversal Vulnerability

Directory Traversal Vulnerability discovered by Nguyen Xuan Chien in WordPress Plugin Administrator Z versions = 2025.03.28...

4.9CVSS8.1AI score0.00618EPSS
Exploits0Affected Software1
BDU FSTEC
BDU FSTEC
added 2025/04/09 12:0 a.m.7 views

The vulnerability of the SetDynamicDNSSettings module in D-Link DIR-853 A1 router microprogramming software allows a hacker to execute arbitrary code.

The vulnerability of the SetDynamicDNSSettings module in D-Link DIR-853 A1 router microprogramming software is related to buffer overflow when processing the Password parameter. Exploiting this vulnerability allows an attacker operating remotely to execute arbitrary code...

10CVSS7.3AI score0.00572EPSS
Exploits1References4Affected Software1
Patchstack
Patchstack
added 2025/04/04 1:39 p.m.8 views

WordPress StaffList plugin <= 3.2.7 - Sensitive Data Exposure vulnerability

Sensitive Data Exposure vulnerability discovered by Anhchangmutrang in WordPress Plugin StaffList versions = 3.2.7...

5.3CVSS8.4AI score0.00514EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/03/14 9:2 a.m.9 views

CVE-2025-2191

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

4.8CVSS3.4AI score0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/03/11 12:0 p.m.5 views

CVE-2025-2191 Claro A7600-A1 Ping6 Diagnóstico form2pingv6.cgi cross site scripting

A vulnerability, which was classified as problematic, has been found in Claro A7600-A1 RNR4-A72T-2x16v2110403CLA32160817. Affected by this issue is some unknown functionality of the file /form2pingv6.cgi of the component Ping6 Diagnóstico. The manipulation of the argument ip6addr with the input...

4.8CVSS3.4AI score0.00285EPSS
Exploits0References3
Rows per page
Query Builder