2392 matches found
Cisco IOS XE SNMP GET-NEXT cilmCurrentImageLevel Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco IOS XE. Authentication is required to exploit this vulnerability. The specific flaw exists within the SNMP service, which listens on UDP port 161 by default. The issue results from the lack of...
Cisco IOS XE SNMP SET cewEventTime Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco IOS XE. Authentication is required to exploit this vulnerability. The specific flaw exists within the SNMP service, which listens on UDP port 161 by default. The issue results from the lack of...
Cisco IOS XE SNMP GET-NEXT ctspIpSgtValue Stack-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Cisco IOS XE. Authentication is required to exploit this vulnerability. The specific flaw exists within the SNMP service, which listens on UDP port 161 by default. The issue results from the lack of...
CVE-2024-6029 Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability
Tesla Model S Iris Modem Race Condition Firewall Bypass Vulnerability. This vulnerability allows network-adjacent attackers to bypass the firewall on the Iris modem in affected Tesla Model S vehicles. Authentication is not required to exploit this vulnerability. The specific flaw exists within th...
WordPress NewsBlogger Theme <= 0.2.5.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software NewsBlogger Type Theme Vulnerable versions = 0.2.5.4 Fixed in 0.2.5.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2025-1305 Patch priority Low CVSS severity Low 8.8 Developer Claim ownership PSID 0ec134d8edb7 Credits Gibran Abdillah...
PT-2025-18208 · Red Hat · Keycloak
Name of the Vulnerable Software and Affected Versions: Keycloak affected versions not specified Description: A flaw was found in Keycloak, specifically in the org.keycloak.authorization package, which may be vulnerable to circumventing required actions. This allows users to bypass requirements su...
CVE-2025-1050
Sonos Era 300 Out-of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected Sonos Era 300 speakers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of...
CVE-2025-1522
PostHog databaseschema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1521
PostHog slackincomingwebhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists with...
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the extractFileFromZip method. The issue results from the lack of proper...
PT-2025-17875 · Allegra +1 · Allegra
Name of the Vulnerable Software and Affected Versions: Allegra affected versions not specified Description: This issue allows remote attackers to execute arbitrary code on affected installations of Allegra. The specific flaw exists within the implementation of the isZipEntryValide method, which...
Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Allegra. Authentication is required to exploit this vulnerability. The specific flaw exists within the implementation of the isZipEntryValide method. The issue results from the lack of proper...
GHSA-V64V-FQ96-C5WV PostHog Plugin Server SQL Injection Vulnerability
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
PostHog Plugin Server SQL Injection Vulnerability
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1520
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1522
PostHog databaseschema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1521
PostHog slackincomingwebhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists with...
CVE-2025-1520
PostHog ClickHouse Table Functions SQL Injection Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1522
PostHog databaseschema Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists within the...
CVE-2025-1521
PostHog slackincomingwebhook Server-Side Request Forgery Information Disclosure Vulnerability. This vulnerability allows remote attackers to disclose sensitive information on affected installations of PostHog. Authentication is required to exploit this vulnerability. The specific flaw exists with...