9794 matches found

0day.today
added 2021/06/18 12:0 a.m. | 57 views

Dlink DSL2750U - (Reboot) Command Injection Exploit

Exploit Title: Dlink DSL2750U - 'Reboot' Command Injection Exploit Author: Mohammed Hadi HadiMed Vendor Homepage: https://me.dlink.com/consumer Software Link: https://dlinkmea.com/index.php/product/details?det=c0lvN0JoeVVhSXh4TVhjTnd1OUpUUT09 Version: ME1.16 Tested on: firmware...

7.4 AI score
Exploits 0

OPENSUSE Linux
added 2021/06/18 12:0 a.m. | 31 views

Security update for htmldoc (important)

openSUSE Security Update: Security update for htmldoc Announcement ID: openSUSE-SU-2021:0895-1 Rating: important References: 1184424 Cross-References: CVE-2021-20308 CVSS scores: CVE-2021-20308 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-20308 SUSE: 3.3...

3.3 CVSS | 7.5 AI score | 0.02477 EPSS
Exploits 1 | References 1

CNNVD
added 2021/06/17 12:0 a.m. | 3 views

Synology Media Server Code Issue Vulnerability

Synology Media Server provides multimedia services for browsing and playing multimedia contents in Synology NAS via DLNA/UPnP home devices. A server-side request forgery vulnerability exists in the cgi component of Synology Media Server versions prior to 1.8.3-2881. A remote attacker can exploit...

5.8 CVSS | 5.6 AI score | 0.01016 EPSS
Exploits 0 | References 2

OPENSUSE Linux
added 2021/06/17 12:0 a.m. | 34 views

Security update for htmldoc (important)

openSUSE Security Update: Security update for htmldoc Announcement ID: openSUSE-SU-2021:0893-1 Rating: important References: 1184424 Cross-References: CVE-2021-20308 CVSS scores: CVE-2021-20308 NVD : 9.8 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVE-2021-20308 SUSE: 3.3...

3.3 CVSS | 7.5 AI score | 0.02477 EPSS
Exploits 1 | References 1

Metasploit
added 2021/06/15 5:50 p.m. | 46 views

IPFire 2.25 Core Update 156 and Prior pakfire.cgi Authenticated RCE

This module exploits an authenticated command injection vulnerability in the /cgi-bin/pakfire.cgi web page of IPFire devices running versions 2.25 Core Update 156 and prior to execute arbitrary code as the root user. Module Options msf use exploit/linux/http/ipfirepakfireexec msf...

9 CVSS | 9.1 AI score | 0.58725 EPSS
Exploits 6

Cvelist
added 2021/06/04 8:29 p.m. | 22 views

CVE-2021-31249

A CRLF injection vulnerability was found on BF-430, BF-431, and BF-450M TCP/IP Converter devices from CHIYU Technology Inc due to a lack of validation on the parameter redirect= available on multiple CGI components...

6.8 AI score | 0.18003 EPSS
Exploits 4 | References 3

CNNVD
added 2021/06/04 12:0 a.m. | 7 views

Multiple Chiyu Products Injection Vulnerability

The Chiyu CHIYU BF-430, etc. are all networking servers that provide communication for access control, time and attendance systems, and other devices from Chiyu Technology Chiyu Inc. of Taiwan, China. A security vulnerability exists in CHIYU Technology Inc's BF-430, BF-431, and BF-450M TCP/IP...

6.5 CVSS | 6.5 AI score | 0.18003 EPSS
Exploits 4 | References 3

VulnCheck KEV
added 2021/06/03 12:0 a.m. | 3 views

VulnCheck KEV: CVE-2020-25494

Xinuos formerly SCO Openserver v5 and v6 allows attackers to execute arbitrary commands via shell metacharacters in outputform or toclevels parameter to cgi-bin/printbook...

9.8 CVSS | 7.5 AI score | 0.39193 EPSS
Exploits 3 | References 1

Exploit DB
added 2021/06/03 12:0 a.m. | 704 views

CHIYU IoT Devices - Denial of Service (DoS)

Exploit Title: CHIYU IoT Devices - Denial of Service DoS Date: 01/06/2021 Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BIOSENSE, Webpass, and BF-630, BF-631, and SEMAC - all...

6.8 CVSS | 6.6 AI score | 0.4367 EPSS
Exploits 4

Prion
added 2021/06/01 2:15 p.m. | 12 views

Path traversal

Improper limitation of a pathname to a restricted directory 'Path Traversal' in cgi component in Synology DiskStation Manager DSM before 6.2.4-25553 allows local users to execute arbitrary code via unspecified vectors...

4.6 CVSS | 7.7 AI score | 0.00318 EPSS
Exploits 0 | References 1 | Affected Software 1

CVE
added 2021/06/01 9:45 a.m. | 37 views

CVE-2021-33180

Synology Media Server, in the cgi component, is affected by CVE-2021-33180 (pre-1.8.1-2876) due to improper neutralization of input in an SQL command, allowing remote attackers to execute arbitrary SQL via unspecified vectors. Public details consistently cite a SQL injection vulnerability with re...

9.8 CVSS | 9.8 AI score | 0.00992 EPSS
Exploits 0 | References 1 | Affected Software 1

0day.today
added 2021/06/01 12:0 a.m. | 71 views

CHIYU TCP/IP Converter devices - CRLF injection Vulnerability

Exploit Title: CHIYU TCP/IP Converter devices - CRLF injection Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, and BF-450M TCP/IP Converter devices - all firmware...

6.5 CVSS | 0.2 AI score | 0.18003 EPSS
Exploits 4

Packet Storm
added 2021/06/01 12:0 a.m. | 299 views

CHIYU TCP/IP Converter CRLF Injection

Exploit Title: CHIYU TCP/IP Converter devices - CRLF injection Date: May 31 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, and BF-450M TCP/IP Converter device...

0.1 AI score | 0.18003 EPSS
Exploits 4

Exploit DB
added 2021/06/01 12:0 a.m. | 372 views

CHIYU TCP/IP Converter devices - CRLF injection

Exploit Title: CHIYU TCP/IP Converter devices - CRLF injection Date: May 31 2021 Exploit Author: sirpedrotavares Vendor Homepage: https://www.chiyu-tech.com/msg/msg88.html Software Link: https://www.chiyu-tech.com/category-hardware.html Version: BF-430, BF-431, and BF-450M TCP/IP Converter device...

6.5 CVSS | 6.5 AI score | 0.18003 EPSS
Exploits 4

OSV
added 2021/05/25 8:15 p.m. | 7 views

CVE-2021-20209

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

7.5 CVSS | 7.4 AI score
Exploits 0 | References 4

NVD
added 2021/05/25 8:15 p.m. | 15 views

CVE-2021-20209

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

7.5 CVSS | 0.01897 EPSS
Exploits 0 | References 4

Prion
added 2021/05/25 8:15 p.m. | 22 views

Memory corruption

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

5 CVSS | 7.3 AI score | 0.01897 EPSS
Exploits 0 | References 4 | Affected Software 1

AlpineLinux
added 2021/05/25 8:15 p.m. | 22 views

CVE-2021-20209

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

7.5 CVSS | 1.6 AI score | 0.01897 EPSS
Exploits 0

Cvelist
added 2021/05/25 7:34 p.m. | 23 views

CVE-2021-20209

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

7.6 AI score | 0.01897 EPSS
Exploits 0 | References 4

Debian CVE
added 2021/05/25 7:34 p.m. | 21 views

CVE-2021-20209

A memory leak vulnerability was found in Privoxy before 3.0.29 in the show-status CGI handler when no action files are configured...

7.5 CVSS | 7.4 AI score | 0.01897 EPSS
Exploits 0