CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

7643 matches found

CNVD•added 2023/02/01 12:0 a.m.•19 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17067)

Siretta QUARTZ-GOLD is an industrial router with multiple features and services.A buffer overflow vulnerability exists in Siretta QUARTZ-GOLD, which can be exploited by attackers to cause arbitrary command execution by sending specially crafted network packets...

9.8CVSS6.9AI score0.01666EPSS

Exploits1References1

CNVD•added 2023/02/01 12:0 a.m.•29 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17066)

9.8CVSS6.9AI score0.01666EPSS

Exploits1References1

VulnCheck KEV•added 2023/02/01 12:0 a.m.•2 views

VulnCheck KEV: CVE-2023-26802

An issue in the component /networkconfig/nsgmasq.cgi of DCN Digital China Networks DCBI-Netlog-LAB v1.0 allows attackers to bypass authentication and execute arbitrary commands via a crafted request...

9.8CVSS7.5AI score0.4871EPSS

Exploits1References1

CNNVD•added 2023/02/01 12:0 a.m.•4 views

Dell PowerScale OneFS 命令注入漏洞

Dell PowerScale OneFS is an operating system from Dell USA Inc. Dell PowerScale OneFS is a command injection vulnerability that can be exploited by attackers to cause arbitrary command execution, denial of service, information disclosure, and data deletion...

6.7CVSS7.5AI score0.00637EPSS

Exploits0References2

CNVD•added 2023/02/01 12:0 a.m.•22 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17070)

7.2CVSS6.9AI score0.02351EPSS

Exploits1References1

Veracode•added 2023/01/31 10:52 a.m.•16 views

Arbitrary Command Execution

openmage/magento-lts is vulnerable to Arbitrary Command Execution. The vulnerability is due to the validateAgainstBlockMethodBlacklist function in Security.php which doesn't prevent custom layout enabled admin users from executing malicious commands via block methods...

7.2CVSS7AI score0.01319EPSS

Exploits0References6Affected Software1

BDU FSTEC•added 2023/01/31 12:0 a.m.•5 views

The vulnerability of the UI Desktop software lies in its lack of access control mechanisms, allowing a perpetrator to execute arbitrary commands.

The vulnerability of the UI Desktop software is related to deficiencies in access control. Exploiting this vulnerability can allow an attacker to execute arbitrary commands...

7.8CVSS7.5AI score0.00166EPSS

Exploits0References3Affected Software1

NVD•added 2023/01/30 11:15 a.m.•23 views

CVE-2022-42484

An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of FreshTomato 2022.5. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can send an HTTP request to trigger this vulnerability...

9.8CVSS9.6AI score0.06013EPSS

Exploits1References2

Vulnrichment•added 2023/01/30 10:12 a.m.•18 views

CVE-2022-42484

9.1CVSS9.7AI score0.06013EPSS

Exploits1References1

Cvelist•added 2023/01/30 10:12 a.m.•26 views

CVE-2022-42484

9.1CVSS9.9AI score0.06013EPSS

Exploits1References1

CVE•added 2023/01/30 10:12 a.m.•62 views

CVE-2022-42484

CVE-2022-42484 affects FreshTomato 2022.5 in the httpd logs/view.cgi OS command injection. TALOS reports confirm an OS command injection vulnerability (and related directory traversal) that can trigger arbitrary code execution via crafted HTTP requests. Impact is remote command execution with web...

9.8CVSS9.7AI score0.06013EPSS

Exploits1References2Affected Software1

CNVD•added 2023/01/30 12:0 a.m.•21 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17073)

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to a buffer overflow vulnerability that can be exploited by attackers to cause arbitrary command execution via specially crafted network packets...

9.8CVSS6.9AI score0.02692EPSS

Exploits1References1

CNVD•added 2023/01/30 12:0 a.m.•22 views

Siretta QUARTZ-GOLD OS Command Injection Vulnerability (CNVD-2023-17081)

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to an operating system command injection vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a crafted network reque...

9.8CVSS5AI score0.03233EPSS

Exploits0References1

CNVD•added 2023/01/30 12:0 a.m.•22 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17085)

Siretta QUARTZ-GOLD is a high-speed dual-port Gigabit Ethernet industrial router from Siretta.The Siretta QUARTZ-GOLD is vulnerable to a buffer overflow vulnerability that could be exploited by an attacker to cause arbitrary command execution by sending a specially crafted network packet...

9.8CVSS5.2AI score0.01666EPSS

Exploits1References1

CNVD•added 2023/01/30 12:0 a.m.•29 views

Siretta QUARTZ-GOLD OS Command Injection Vulnerability (CNVD-2023-17093)

9.8CVSS5AI score0.03499EPSS

Exploits0References1

CNNVD•added 2023/01/30 12:0 a.m.•10 views

FreshTomato 操作系统命令注入漏洞

FreshTomato is a Linux-based open source firmware from FreshTomato Open Source. The firmware provides a variety of features for Broadcom-based routers. A security vulnerability exists in FreshTomato version 2022.5 that stems from the presence of operating system command injection, which can be...

9.8CVSS8.5AI score0.06013EPSS

Exploits1References3

CNVD•added 2023/01/30 12:0 a.m.•22 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17091)

7.2CVSS6.8AI score0.01665EPSS

Exploits1References1

CNVD•added 2023/01/30 12:0 a.m.•26 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17090)

7.2CVSS6.8AI score0.01716EPSS

Exploits1References1

CNVD•added 2023/01/30 12:0 a.m.•21 views

Siretta QUARTZ-GOLD Buffer Overflow Vulnerability (CNVD-2023-17088)