CVE-2023-43534

Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point...

EUVD-2015-9100

Malware in sbrugna...

CVE-2015-9257

BMC Remedy Action Request AR System 9.0 before 9.0.00 Service Pack 2 hot fix 1 has persistent XSS...

CVE-2023-43534

Memory corruption while validating the TID to Link Mapping action request frame, when a station connects to an access point...

CVE-2023-43534

CVE-2023-43534 describes a memory corruption vulnerability in Qualcomm WLAN chipsets when validating the TID to Link Mapping action request frame during station association to an access point. The attribute scores indicate a network-exposed, high-severity issue with low attack complexity and no u...

CVE-2021-45912

An unauthenticated Named Pipe channel in Controlup Real-Time Agent cuAgent.exe before 8.5 potentially allows an attacker to run OS commands via the ProcessActionRequest WCF method...

Controlup Real-Time Agent操作系统命令注入漏洞

Controlup Real-Time Agent is a real-time agent from Controlup USA. The Controlup Real-Time Agent suffers from a command injection vulnerability that originates from an unauthenticated named pipe channel in the Controlup Real-Time Agent, which can be exploited by an attacker to run operating syste...

Buffer overflow

Buffer Overflow in Tenda G1 and G3 routers with firmware v15.11.0.179502CN allows remote attackers to execute arbitrary code via a crafted action/"portMappingIndex "request. This occurs because the "formDelPortMapping" function directly passes the parameter "portMappingIndex" to strcpy without...

Design/Logic Flaw

The ACF-Frontend-Display plugin through 2015-07-03 for WordPress has arbitrary file upload via an action=upload request to js/blueimp-jQuery-File-Upload-d45deb1/server/php/index.php...

BMC Remedy Action Request System Cross-Site Scripting Vulnerability

BMC Remedy Action Request AR System is a suite of mobile digital enterprise management platforms for IT departments from BMC Software, USA. A cross-site scripting vulnerability exists in version 9.0 of the BMC Remedy Action Request AR System prior to 9.0.00 Service Pack 2 hot fix 1. A remote...

CVE-2018-6654

The Grammarly extension before 2018-02-02 for Chrome allows remote attackers to discover authentication tokens via an 'action: "user"' request to iframe.gr-ifr, because the exposure of these tokens is not restricted to any specific web site...

CVE-2016-10206

Cross-site request forgery CSRF vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php...

CVE-2016-10206

Cross-site request forgery CSRF vulnerability in Zoneminder 1.30 and earlier allows remote attackers to hijack the authentication of users for requests that change passwords and possibly have unspecified other impact as demonstrated by a crafted user action request to index.php...

CVE-2007-0310

The CVE-2007-0310 entry concerns BMC Remedy Action Request System 5.01.02 Patch 1267. The vulnerability arises because login error messages differ between valid‑username and invalid‑username attempts, allowing remote attackers to enumerate valid account names. Impact stated: attacker can determin...

Remedy Action Request System 5.01.02 - User Enumeration

======================================================= Remedy Action Request System User Enumeration ======================================================= Davide Del Vecchio Adv11 Discovered in: 08/01/2007 Version affected: Remedy Action Request System 5.01.02 Patch 1267. The same vulnerable...