2391 matches found
PT-2023-7976 · Tp Link · Tp-Link Tl-Wr902Ac
Name of the Vulnerable Software and Affected Versions: TP-Link TL-WR902AC affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of TP-Link TL-WR902AC routers. Authentication is required to exploit this issue...
PT-2023-19551 · Unknown · Wesecur Security Plugin
Name of the Vulnerable Software and Affected Versions: WeSecur Security plugin versions 1.2.1 and earlier Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For WeSecur Security plugin versions...
PT-2023-8299 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...
PT-2023-8298 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...
PT-2023-8300 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...
PT-2023-5824 · D Link · D-Link Dir-3040
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The specific flaw exists within the prog.cgi binary, whi...
PT-2023-5830 · D Link · D-Link Dir-3040
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The specific flaw exists within the prog.cgi binary, whi...
PT-2023-5826 · D Link · D-Link Dir-3040
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The flaw exists within the prog.cgi binary, which handle...
PT-2023-5821 · D Link · D-Link Dir-3040
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 versions affected versions not specified Description: The issue is related to a stack-based buffer overflow vulnerability in the SetMyDLinkRegistration function of the D-Link DIR-3040 router's prog.cgi binary. This vulnerabili...
PT-2023-5829 · D Link · D-Link Dir-3040
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The specific flaw exists within the prog.cgi binary, whi...
PT-2023-5822 · D Link · D-Link Dir-3040
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The specific flaw exists within the prog.cgi binary, whi...
Part 1: An In-Depth Look at the Latest Vulnerability Threat Landscape
The number of vulnerabilities is steadily increasing over the years, as evidenced by the 206,000 vulnerabilities reported and still counting in the National Vulnerability Database NVD. With each subsequent year, this trend has persisted since 2016, surpassing the previous vulnerability count. In...
PT-2023-8307 · D Link · D-Link Dir-X3260
Name of the Vulnerable Software and Affected Versions: D-Link DIR-X3260 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-X3260 routers. The specific flaw exists within the prog.cgi binary,...
PT-2023-4998 · D Link · D-Link Dir-3040
Name of the Vulnerable Software and Affected Versions: D-Link DIR-3040 affected versions not specified Description: This issue allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DIR-3040 routers. The specific flaw exists within the prog.cgi binary, whi...
CVE-2023-20116
A vulnerability in the Administrative XML Web Service AXL API of Cisco Unified Communications Manager Unified CM and Cisco Unified Communications Manager Session Management Edition Unified CM SME could allow an authenticated, remote attacker to cause a denial of service DoS condition on an affect...
CVE-2023-32537
Affected versions Trend Micro Apex Central on-premise are vulnerable to potential authenticated reflected cross-site scripting XSS attacks due to user input validation and sanitization issues. Please note: an attacker must first obtain authentication to Apex Central on the target system in order ...
CVE-2023-31213
Auth. contributor+ Stored Cross-Site Scripting XSS vulnerability in WPBakery Page Builder plugin = 6.13.0 versions...
PT-2023-24293 · Repute Infosystems · Armember
Name of the Vulnerable Software and Affected Versions: Repute InfoSystems ARMember plugin versions prior to 4.0.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin+ privileges. Recommendations: For versions prior to 4.0.3,...
PT-2023-19221 · Qumos · Qumos Mojoplug Slide Panel Plugin
Name of the Vulnerable Software and Affected Versions: Qumos MojoPlug Slide Panel plugin versions prior to 1.1.3 Description: The issue is related to a Stored Cross-Site Scripting XSS vulnerability that requires authentication with admin or higher privileges. Recommendations: For Qumos MojoPlug...
CVE-2023-24261
A vulnerability in GL.iNET GL-E750 Mudi before firmware v3.216 allows authenticated attackers to execute arbitrary code via a crafted POST request...