1440 matches found
Stack overflow
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41028
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41024
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-41012
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-40986
Several stack-based buffer overflow vulnerabilities exist in the DetranCLI command parsing functionality of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network packet can lead to arbitrary command execution. An attacker can send a sequence of requests to trigger these...
CVE-2022-42493
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0.1.5-210720-141020. A specially-crafted network request can lead to arbitrary command execution. An attacker can send a network request to trigger these vulnerabilities.This command injection is...
Siretta QUARTZ-GOLD 安全漏洞
The Siretta QUARTZ-GOLD is a high-speed industrial router from Siretta. A buffer overflow vulnerability exists in the Siretta QUARTZ-GOLD G5.0.1.5-210720-141020 version that can be exploited by an attacker to execute arbitrary commands...
PT-2023-13929 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue concerns stack-based buffer overflow vulnerabilities in the DetranCLI command parsing functionality. These vulnerabilities can be triggered by a specially-crafted netwo...
PT-2023-13920 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue is related to stack-based buffer overflow vulnerabilities in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary comma...
PT-2023-13915 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue is related to stack-based buffer overflow vulnerabilities in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary comma...
PT-2023-13912 · Siretta · Siretta Quartz-Gold
Name of the Vulnerable Software and Affected Versions: Siretta QUARTZ-GOLD version G5.0.1.5-210720-141020 Description: The issue is related to stack-based buffer overflow vulnerabilities in the DetranCLI command parsing functionality. A specially-crafted network packet can lead to arbitrary comma...
GHSA-X73W-G8HX-V7RP electerm allows unauthorized users to execute arbitrary commands
An issue was discovered in Electerm 1.3.22, allows attackers to execute arbitrary commands via unverified request to electerms service...
PT-2023-13985 · Re Logic · Reqlogic
Name of the Vulnerable Software and Affected Versions: ReQlogic version 11.3 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters. This enables the execution of malicious code on the web...
libXpm 代码问题漏洞
libXpm is a lib open source image file format library. A code issue vulnerability exists in libXpm. An attacker could exploit this vulnerability to execute other programs by manipulating the PATH environment variable...
CVE-2022-46438
A cross-site scripting XSS vulnerability in the /admin/articlecategory.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter...
CVE-2022-46438
A cross-site scripting XSS vulnerability in the /admin/articlecategory.php component of DouPHP v1.7 20221118 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the description parameter...
CVE-2022-44870
A reflected cross-site scripting XSS vulnerability in maccms10 v2022.1000.3032 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter under the AD Management module...
CVE-2022-43524
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise Orchestrator could allow an authenticated remote attacker to conduct a stored cross-site scripting XSS attack against an administrative user of the interface. A successful exploit allows an attacker to execute...
CVE-2022-43436 HWA JIUH DIGITAL TECHNOLOGY LTD. EasyTest - Arbitrary File Upload
The File Upload function of EasyTest has insufficient filtering for special characters and file type. A remote attacker authenticated as a general user can upload and execute arbitrary files, to manipulate system or disrupt service...
Rocket.Chat Command Injection Vulnerability
Rocket.Chat is an open source team chat software. A command injection vulnerability exists in versions of Rocket.Chat prior to 3.8.14. The vulnerability stems from a failure of a network system or product to properly filter special characters, commands, etc. during user input to construct and...