CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

11 matches found

OSV•added 2024/10/03 7:15 p.m.•2 views

CVE-2024-41595

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations...

8CVSS5.8AI score

Exploits0References2

CVE•added 2024/10/03 12:0 a.m.•55 views

CVE-2024-41595

CVE-2024-41595 affects DrayTek Vigor310 devices up to firmware 4.3.2.6, with a flaw in CGI handling (read/write operations) due to missing bounds checks. This enables a remote attacker to change settings or cause a denial of service via the web UI. Red Hat and NVD corroborate the vulnerability de...

8CVSS6.9AI score0.00424EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2024/10/03 12:0 a.m.•17 views

CVE-2024-41595

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations...

7.2AI score0.00424EPSS

Exploits0References2

Cvelist•added 2024/10/03 12:0 a.m.•16 views

CVE-2024-41595

DrayTek Vigor310 devices through 4.3.2.6 allow a remote attacker to change settings or cause a denial of service via .cgi pages because of missing bounds checks on read and write operations...

0.00424EPSS

Exploits0References2

OSV•added 2020/12/31 8:15 a.m.•0 views

CVE-2020-35743

HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages...

7.6CVSS7.2AI score0.00255EPSS

Exploits0References1

Prion•added 2020/12/31 8:15 a.m.•10 views

Sql injection

HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages...

6.5CVSS7.9AI score0.00255EPSS

Exploits0References1Affected Software4

Cvelist•added 2020/12/31 7:45 a.m.•15 views

CVE-2020-35743 HGiga MailSherlock - SQL Injection -3

HGiga MailSherlock contains a SQL injection flaw. Attackers can inject and launch SQL commands in a URL parameter of specific cgi pages...

7CVSS8AI score0.00255EPSS

Exploits0References1

NVD•added 2017/12/19 2:29 a.m.•16 views

CVE-2017-17106

Credentials for Zivif PR115-204-P-RS V2.3.4.2103 Webcams can be obtained by an unauthenticated remote attacker using a standard web /cgi-bin/hi3510/param.cgi?cmd=getuser HTTP request. This vulnerability exists because of a lack of authentication checks in requests to CGI pages...

10CVSS9.6AI score0.25054EPSS

Exploits5References3

Prion•added 2017/12/19 2:29 a.m.•16 views

Design/Logic Flaw

10CVSS9.5AI score0.25054EPSS

Exploits5References3Affected Software1

Cvelist•added 2017/12/18 5:0 p.m.•19 views

CVE-2017-17106

9.6AI score0.25054EPSS

Exploits5References3

seebug.org•added 2014/07/01 12:0 a.m.•26 views

Samsung DVR Firmware 1.10 - Authentication Bypass

No description provided by source. Title: Samsung DVR authentication bypass Version affected: firmware version = 1.10 Vendor: Samsung - www.samsung-security.com Discovered by: Andrea Fabrizi Email: [email protected] Web: http://www.andreafabrizi.it Twitter: @andreaf83 Status: unpatched...

7.1AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by