428 matches found
PT-2026-3241
Name of the Vulnerable Software and Affected Versions Mattermost versions 10.11.0 through 10.11.8 Description Mattermost versions 10.11.x up to and including 10.11.8 do not properly validate the size of input before processing hashtags. This allows an authenticated attacker to consume excessive C...
CVE-2023-49909
A stack-based buffer overflow vulnerability exists in the web interface Radio Scheduling functionality of Tp-Link AC1350 Wireless MU-MIMO Gigabit Access Point EAP225 V3 v5.1.0 Build 20220926. A specially crafted series of HTTP requests can lead to remote code execution. An attacker can make an...
CVE-2024-34544
A command injection vulnerability exists in the wireless.cgi AddMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39360
An os command injection vulnerability exists in the nas.cgi removedir functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary code execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39359
A stack-based buffer overflow vulnerability exists in the wireless.cgi DeleteMac functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger this vulnerability...
CVE-2024-39764
Multiple OS command injection vulnerabilities exist in the internet.cgi setaddrouting functionality of Wavlink AC3000 M33A8.V5030.210505. A specially crafted HTTP request can lead to arbitrary command execution. An attacker can make an authenticated HTTP request to trigger these vulnerabilities.A...
Sierra Wireless AirLink ALEOS Unrestricted Upload of File with Dangerous Type Vulnerability
Sierra Wireless AirLink ALEOS contains an unrestricted upload of file with dangerous type vulnerability. A specially crafted HTTP request can upload a file, resulting in executable code being uploaded, and routable, to the webserver. An attacker can make an authenticated HTTP request to trigger...
CVE-2025-34133
Wimi Teamwork versions prior to 7.38.17 contains a cross-site request forgery CSRF vulnerability in its API. The API accepts any authenticated request that contains a JSON field named 'csrftoken' without validating the field’s value; only the presence of the field is checked. An attacker can craf...
EUVD-2017-7539
Malware in sbrugna...
EUVD-2020-5773
Malware in sbrugna...
EUVD-2017-7535
Malware in sbrugna...
EUVD-2020-19747
Malware in sbrugna...
EUVD-2020-27289
Malware in sbrugna...
EUVD-2017-7517
Malware in sbrugna...
EUVD-2020-19749
Malware in sbrugna...
EUVD-2020-27288
Malware in sbrugna...
EUVD-2017-7527
Malware in sbrugna...
EUVD-2017-7460
Malware in sbrugna...
EUVD-2020-19757
Malware in sbrugna...
EUVD-2017-7540
Malware in sbrugna...