54 matches found
EUVD-2023-30383
Malicious code in bioql PyPI...
EUVD-2023-28560
Malicious code in bioql PyPI...
EUVD-2021-8131
Malicious code in bioql PyPI...
EUVD-2023-28482
Malicious code in bioql PyPI...
EUVD-2022-46485
Malicious code in bioql PyPI...
EUVD-2022-37746
Malicious code in bioql PyPI...
CVE-2023-24544
Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier,...
CVE-2022-34840
Use of hard-coded credentials vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to alter?configuration settings of the device. The affected products/versions are as follows: WZR-300HP firmware Ver. 2.00 and earlier, WZR-450HP firmware Ver. 2.00 and earlier,...
CVE-2022-43486
Hidden functionality vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to enable the debug functionalities and execute an arbitrary command on the affected devices...
CVE-2022-43466
OS command injection vulnerability in Buffalo network devices allows a network-adjacent attacker with an administrative privilege to execute an arbitrary OS command if a specially crafted request is sent to a specific CGI program...
CVE-2022-43443
OS command injection vulnerability in Buffalo network devices allows an network-adjacent attacker to execute an arbitrary OS command if a specially crafted request is sent to the management page...
CVE-2022-40966
Authentication bypass vulnerability in multiple Buffalo network devices allows a network-adjacent attacker to bypass authentication and access the device. The affected products/versions are as follows: WCR-300 firmware Ver. 1.87 and earlier, WHR-HP-G300N firmware Ver. 2.00 and earlier, WHR-HP-GN...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
CVE-2023-24544
Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier,...
CVE-2023-24464
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01...
Improper access control
Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier,...
Hardcoded credentials
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...
Cross site scripting
Stored-cross-site scripting vulnerability in Buffalo network devices allows an attacker with access to the web management console of the product to execute arbitrary JavaScript on a legitimate user's web browser. The affected products and versions are as follows: BS-GS2008 firmware Ver. 1.0.10.01...
CVE-2023-24544
Improper access control vulnerability in Buffalo network devices allows a network-adjacent attacker to obtain specific files of the product. As a result, the product settings may be altered. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier,...
CVE-2023-26588
Use of hard-coded credentials vulnerability in Buffalo network devices allows an attacker to access the debug function of the product. The affected products and versions are as follows: BS-GSL2024 firmware Ver. 1.10-0.03 and earlier, BS-GSL2016P firmware Ver. 1.10-0.03 and earlier, BS-GSL2016...