Lucene search
+L

253 matches found

OSV
OSV
added 2024/10/06 7:15 p.m.4 views

CVE-2024-9559

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage leads to buffer overflow. It is possible to launch the attack remotely. The exploit has...

8.8CVSS6.2AI score0.01414EPSS
Exploits1References5
OSV
OSV
added 2024/10/06 9:15 a.m.2 views

CVE-2024-9550

A vulnerability was found in D-Link DIR-605L 2.13B01 BETA. It has been classified as critical. Affected is the function formLogDnsquery of the file /goform/formLogDnsquery. The manipulation of the argument curTime leads to buffer overflow. It is possible to launch the attack remotely. The exploit...

8.8CVSS7.5AI score0.01505EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.4 views

PT-2024-7242 · D Link · Dir-605L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: A critical issue affects the function formSetWanNonLogin of the file /goform/formSetWanNonLogin. The manipulation of the argument webpage leads to buffer overflow. This can be exploited...

9CVSS8.9AI score0.01414EPSS
Exploits1References14
Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.8 views

PT-2024-7235 · D Link · D-Link Dir-605L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: The issue is related to a buffer overflow vulnerability in the formSetWanL2TP function of the /goform/formSetWanL2TP file. This vulnerability can be exploited by sending a specially crafted PO...

9CVSS8.9AI score0.01414EPSS
Exploits1References15
Positive Technologies
Positive Technologies
added 2024/09/26 12:0 a.m.6 views

PT-2024-7246 · D Link · D-Link Dir-605L

Name of the Vulnerable Software and Affected Versions: D-Link DIR-605L version 2.13B01 BETA Description: A critical issue has been found in the function formSetEasy Wizard of the file /goform/formSetEasy Wizard. The manipulation of the argument curTime leads to buffer overflow. This can be...

9CVSS8.9AI score0.01376EPSS
Exploits1References13
vulnersOsv
vulnersOsv
added 2024/09/11 7:20 p.m.4 views

actix-session-surrealdb (>=0.1.0 <=0.1.5) potentially affected by unknown CVE via surrealdb (=1.0.0-beta.9)

surrealdb CARGO version =1.0.0-beta.9 is affected by a known vulnerability. The following packages have a transitive dependency on surrealdb and may be impacted: - actix-session-surrealdb =0.1.0, =0.1.5 Source cves: unknown CVE Source advisory: OSV:GHSA-64F8-PJGR-9WMR...

5.8AI score
Exploits0
CNNVD
CNNVD
added 2024/05/18 12:0 a.m.5 views

MSI Afterburner 安全漏洞

Micro-Star International Afterburner is a graphics card overclocking utility program from Micro-Star International Taiwan, China. A security vulnerability exists in MSI Afterburner v4.6.6.16381 Beta 3, which stems from the presence of an ACL bypass...

7.8CVSS6.8AI score0.00221EPSS
Exploits0References4
OSV
OSV
added 2024/03/06 11:9 a.m.43 views

BIT-DISCOURSE-2021-39161 Cross-site scripting via category name in Discourse

Discourse is an open source platform for community discussion. In affected versions category names can be used for Cross-site scriptingXSS attacks. This is mitigated by Discourse's default Content Security Policy and this vulnerability only affects sites which have modified or disabled or changed...

5.4CVSS5.4AI score0.00413EPSS
Exploits0References2
OSV
OSV
added 2024/03/06 10:59 a.m.67 views

BIT-DISCOURSE-2023-25819 Discourse tags with no visibility are leaking into og:article:tag

Discourse is an open source platform for community discussion. Tags that are normally private are showing in metadata. This affects any site running the tests-passed or beta branches = 3.1.0.beta2. The issue is patched in the latest beta and tests-passed version of Discourse...

5.3CVSS5.5AI score0.00495EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2024/02/16 5:14 p.m.143 views

Exploit for Use of Hard-coded Credentials in Gog Galaxy

GOG Galaxy - Research Artifacts Repository Structure This...

8.8CVSS7.3AI score0.03778EPSS
Exploits6
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.3 views

Laf Information Disclosure Vulnerability

Laf is a cloud development platform from labring labs. An information disclosure vulnerability exists in versions prior to Laf 1.0.0-beta.13. The vulnerability stems from lax control of the LAF application enV, which leads to the disclosure of sensitive information in the configmap...

9.1CVSS6.2AI score0.00796EPSS
Exploits1References4
Kitploit
Kitploit
added 2023/11/04 11:30 a.m.42 views

TEx - Telegram Monitor

TEx is a Telegram Explorer tool created to help Researchers, Investigators and Law Enforcement Agents to Collect and Process the Huge Amount of Data Generated from Criminal, Fraud, Security and Others Telegram Groups. BETA VERSION Please note that this project has been in beta for a few weeks, so...

7.2AI score
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2023/09/21 10:15 p.m.7 views

CVE-2023-42261

Mobile Security Framework MobSF =v3.7.8 Beta is vulnerable to Insecure Permissions. NOTE: the vendor's position is that authentication is intentionally not implemented because the product is not intended for an untrusted network environment. Use cases requiring authentication could, for example,...

7.5CVSS5.8AI score0.00691EPSS
Exploits1References5
CNNVD
CNNVD
added 2023/05/31 12:0 a.m.6 views

Dcat Admin 跨站脚本漏洞

Dcat Admin is a backend system builder based on the secondary development of laravel-admin by Jiang Qinghua, an individual developer. A security vulnerability exists in Dcat Admin v2.1.3-beta that could allow an attacker to execute arbitrary web script or HTML via URL parameter injection with a...

5.4CVSS6.1AI score0.00398EPSS
Exploits1References2
Cvelist
Cvelist
added 2023/05/30 5:24 a.m.36 views

CVE-2023-33193 Emby Server Proxy Header Spoofing Vulnerability

Emby Server is a user-installable home media server which stores and organizes a user's media files of virtually any format and makes them available for viewing at home and abroad on a broad range of client devices. This vulnerability may allow administrative access to an Emby Server system,...

9.1CVSS9.5AI score0.01699EPSS
Exploits0References1
OSV
OSV
added 2023/05/16 2:15 p.m.3 views

CVE-2023-31576

An arbitrary file upload vulnerability in Serendipity 2.4-beta1 allows attackers to execute arbitrary code via a crafted HTML or Javascript file...

8.8CVSS7.6AI score0.01062EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/05/16 12:0 a.m.5 views

Serendipity 代码问题漏洞

Serendipity is a PHP-based blogging system from the Serendipity team. The system supports the creation of online journals, blogs, web pages and more. A security vulnerability exists in Serendipity version 2.4-beta1. An attacker can exploit the vulnerability to execute arbitrary code via specially...

8.8CVSS8.5AI score0.01062EPSS
Exploits1References2
VulnCheck KEV
VulnCheck KEV
added 2023/03/21 12:0 a.m.4 views

VulnCheck KEV: CVE-2019-18818

strapi before 3.0.0-beta.17.5 mishandles password resets within packages/strapi-admin/controllers/Auth.js and packages/strapi-plugin-users-permissions/controllers/Auth.js...

9.8CVSS7.3AI score0.97639EPSS
Exploits13References1
SUSE CVE
SUSE CVE
added 2023/02/15 4:52 a.m.5 views

SUSE CVE-2017-2839

An exploitable denial of service vulnerability exists within the handling of challenge packets in FreeRDP 2.0.0-beta1+android11. A specially crafted challenge packet can cause the program termination leading to a denial of service condition. An attacker can compromise the server or use man in the...

6.5CVSS8.6AI score0.01722EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2023/02/15 4:16 a.m.3 views

SUSE CVE-2019-6472

A packet containing a malformed DUID can cause the Kea DHCPv6 server process kea-dhcp6 to exit due to an assertion failure. Versions affected: 1.4.0 to 1.5.0, 1.6.0-beta1, and 1.6.0-beta2...

6.5CVSS6.4AI score0.00796EPSS
Exploits0References3
Rows per page
Query Builder