7632 matches found
TOTOLINK A6000R apcli_do_enr_pbc_wps function command injection vulnerability
TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a command injection vulnerability that stems from the ifname parameter in the apclidoenrpbcwps function failing to correctly filter constructed command special characters, commands, and s...
TOTOLINK A6000R Command Injection Vulnerability
TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a command injection vulnerability that stems from the ifname parameter in the apclicancelwps function failing to properly filter construct command special characters, commands, and so on...
Tenda FH1201 安全漏洞
The Tenda FH1201 is a wireless router from Tenda China. The Tenda FH1201 suffers from a command injection vulnerability, which originates from the cmdinput parameter at /goform/exeCommand failing to correctly filter constructed command special characters, commands, etc. This vulnerability can be...
Tenda FH1201 安全漏洞
The Tenda FH1201 is a wireless router from Tenda China. The Tenda FH1201 suffers from a command injection vulnerability, which originates from the mac parameter of ip/goform/WriteFacMac failing to correctly filter constructed command special characters, commands, etc. The vulnerability can be...
Hewlett Packard Enterprise EdgeConnect SD-WAN 安全漏洞
Hewlett Packard Enterprise EdgeConnect SD-WAN is Hewlett Packard Enterprise's secure network foundation for Zero Trust and SASE. It includes best-in-class SD-WAN and next-generation firewalls that deliver unrivaled quality of experience and advanced security. A security vulnerability exists in...
PT-2024-25292 · Hewlett Packard · Hpe Aruba Networking Edgeconnect Sd-Wan Gateway
Name of the Vulnerable Software and Affected Versions: HPE Aruba Networking EdgeConnect SD-WAN gateway affected versions not specified Description: A vulnerability in the web-based management interface could allow an authenticated remote attacker to conduct a server-side prototype pollution attac...
The vulnerability of the SINEMA Remote Connect VPN service, related to the lack of data cleansing at the management level, allows a perpetrator to execute arbitrary codes.
The vulnerability of the SINEMA Remote Connect VPN service lies in the lack of measures taken at the administrative level for data cleansing. Exploiting this vulnerability could allow an attacker to execute arbitrary commands with system privileges...
CVE-2024-39686
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the bertgen function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...
CVE-2024-39686 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py bert_gen function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the bertgen function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...
CVE-2024-39686 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py bert_gen function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the bertgen function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...
CVE-2024-39686 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py bert_gen function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the bertgen function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...
CVE-2024-39685 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py resample function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...
CVE-2024-39685 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py resample function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...
CVE-2024-39685 fishaudio/Bert-VITS2 Command Injection in webui_preprocess.py resample function
Bert-VITS2 is the VITS2 Backbone with multilingual bert. User input supplied to the datadir variable is used directly in a command executed with subprocess.runcmd, shell=True in the resample function, which leads to arbitrary command execution. This affects fishaudio/Bert-VITS2 2.3 and earlier...
CVE-2024-6542
Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk = 2.0.0p39, 2.1.0p47, 2.2.0p32 and 2.3.0p11 allows arbitrary livestatus command execution...
UBUNTU-CVE-2024-6542
Improper neutralization of livestatus command delimiters in mknotifyd in Checkmk = 2.0.0p39, 2.1.0p47, 2.2.0p32 and 2.3.0p11 allows arbitrary livestatus command execution...
PT-2024-8098 · Totolink · Totolink X6000R
Name of the Vulnerable Software and Affected Versions: TOTOLINK A6000R version V1.0.1-B20201211.2000 Description: The issue is related to the apcli wps gen pincode function in the TOTOLINK A6000R router's firmware, which fails to neutralize special elements used in a command when processing the...
TOTOLINK A6000R 安全漏洞
TOTOLINK A6000R is a wireless router from China's Gion Electronics TOTOLINK. The TOTOLINK A6000R suffers from a command injection vulnerability that stems from the ifname parameter in the apclicancelwps function failing to properly filter construct command special characters, commands, and so on...
PT-2024-28624 · Unknown · Bert-Vits2
Name of the Vulnerable Software and Affected Versions: Bert-VITS2 versions 2.3 and earlier Description: The issue arises from user input being directly used in a command executed with subprocess.runcmd, shell=True in the resample function, leading to arbitrary command execution. This is due to th...
PT-2024-28959 · Nuclei · Nuclei
Name of the Vulnerable Software and Affected Versions: Nuclei versions prior to 3.3.0 Description: A way to execute code templates without the -code option and signature has been discovered in Nuclei. This issue affects some web applications that inherit from Nuclei and allow users to edit and...