
9795 matches found

Cvelist
added 2021/03/01 9:1 p.m., 23 views

CVE-2021-26475

EPrints 3.4.2 exposes a reflected XSS opportunity via a cgi/cal URI...

AI score: 6.1, EPSS: 0.06115
Exploits: 1, References: 2

Cvelist
added 2021/03/01 9:1 p.m., 14 views

CVE-2021-26476

EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal?year= URI...

AI score: 9.8, EPSS: 0.03057
Exploits: 1, References: 2

Cvelist
added 2021/03/01 9:1 p.m., 18 views

CVE-2021-26702

EPrints 3.4.2 exposes a reflected XSS opportunity in the dataset parameter to the cgi/datasetdictionary URI...

AI score: 6.1, EPSS: 0.02663
Exploits: 1, References: 2

CNNVD
added 2021/03/01 12:0 a.m., 5 views

EPrints Cross-Site Scripting Vulnerability

EPrints is a free open source software package for building open access repositories compliant with the OAI-PMH protocol. A reflected cross-site scripting vulnerability exists in the year parameter of the cgi/cal URI in EPrints 3.4.2. No vulnerability details are provided at this time...

CVSS: 6.1, AI score: 5.1, EPSS: 0.06115
Exploits: 1, References: 3

CNNVD
added 2021/03/01 12:0 a.m., 5 views

EPrints Security Vulnerability

EPrints is a free open source software package for building open access repositories compliant with the OAI-PMH protocol. EPrints 3.4.2 suffers from a command injection vulnerability. A remote attacker can exploit this vulnerability by entering specially crafted data into cgi/cal?year= URI to...

CVSS: 9.8, AI score: 6, EPSS: 0.03057
Exploits: 1, References: 3

Zero Day Initiative
added 2021/02/24 12:0 a.m., 41 views

D-Link DAP-2020 webproc getpage Stack-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the getpage...

CVSS: 8.8, AI score: 5, EPSS: 0.026
Exploits: 0, References: 1

Zero Day Initiative
added 2021/02/24 12:0 a.m., 40 views

D-Link DAP-2020 WEB_CmdFileList Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. The issue results from the...

CVSS: 8.8, AI score: 2.3, EPSS: 0.05089
Exploits: 0, References: 1

Zero Day Initiative
added 2021/02/24 12:0 a.m., 46 views

D-Link DAP-2020 errorpage External Control of File Name Information Disclosure Vulnerability

This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of D-Link DAP-2020 Wi-Fi access points. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of CGI scripts. When parsing the...

CVSS: 6.5, AI score: 1.6, EPSS: 0.66045
Exploits: 0, References: 1

Mageia
added 2021/02/19 10:27 a.m., 30 views

Updated privoxy package fixes security vulnerabilities

Fixed a memory leak when decompression fails "unexpectedly". CVE-2021-20216 Prevent an assertion from getting triggered by a crafted CGI request. CVE-2021-20217...

CVSS: 7.8, AI score: 2.4, EPSS: 0.02276
Exploits: 0, References: 4

NVD
added 2021/02/19 4:15 a.m., 12 views

CVE-2021-27403

Askey RTF8115VW BRSVg11.11RTFTEF001V6.54V014 devices allow cgi-bin/teaccesorouter.cgi curWebPage XSS...

CVSS: 6.1, EPSS: 0.01229
Exploits: 1, References: 1

OSV
added 2021/02/19 4:15 a.m., 3 views

CVE-2021-27403

Askey RTF8115VW BRSVg11.11RTFTEF001V6.54V014 devices allow cgi-bin/teaccesorouter.cgi curWebPage XSS...

CVSS: 6.1, AI score: 6.4, EPSS: 0.01229
Exploits: 1, References: 1

CVE
added 2021/02/19 3:53 a.m., 99 views

CVE-2021-27403

CVE-2021-27403 affects Asus Askey routers: specifically the RTF8115VW BR_SV_g11.11_RTF_TEF001_V6.54_V014 family. The vulnerability is a cross-site scripting (XSS) in the web interface, exposed via cgi-bin/te_acceso_router.cgi with curWebPage context. Public descriptions consistently state that th...

CVSS: 6.1, AI score: 6.3, EPSS: 0.01229
Exploits: 1, References: 1, Affected Software: 1

Tenable Nessus
added 2021/02/16 12:0 a.m., 287 views

Webmin < 1.970 Multiple Vulnerabilities

According to its self-reported version, the version of Webmin running on the remote host may be affected by multiple vulnerabilities, including the following: - Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the Package Updates module can execute arbitrary...

CVSS: 9.8, AI score: 8.4, EPSS: 0.28048
Exploits: 2, References: 4

OSV
added 2021/02/12 5:6 a.m., 8 views

OPENSUSE-SU-2021:0279-1 Security update for privoxy

This update for privoxy fixes the following issues: - Update to version 3.0.31: - Security/Reliability boo1181650 - Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. OVE-20210130-0001. CVE-2021-20217 Reported by: Joshua Rogers Opera - Fixed a memory leak...

CVSS: 7.8, AI score: 7.6, EPSS: 0.02276
Exploits: 0, References: 4

OPENSUSE Linux
added 2021/02/12 12:0 a.m., 18 views

Security update for privoxy (moderate)

openSUSE Security Update: Security update for privoxy Announcement ID: openSUSE-SU-2021:0279-1 Rating: moderate References: 1181650 Cross-References: CVE-2021-20216 CVE-2021-20217 Affected Products: openSUSE Backports SLE-15-SP2 An update that fixes two vulnerabilities is now available...

CVSS: 7.8, AI score: 7.9, EPSS: 0.02276
Exploits: 0, References: 1

Tenable Nessus
added 2021/02/10 12:0 a.m., 24 views

Fedora 32 : privoxy (2021-f08e89a0d5)

The remote Fedora 32 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-f08e89a0d5 advisory. - A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of...

CVSS: 7.8, AI score: 7.1, EPSS: 0.02276
Exploits: 0, References: 3

Tenable Nessus
added 2021/02/10 12:0 a.m., 22 views

Fedora 33 : privoxy (2021-6fe9346693)

The remote Fedora 33 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2021-6fe9346693 advisory. - A flaw was found in Privoxy in versions before 3.0.31. A memory leak that occurs when decompression fails unexpectedly may lead to a denial of...

CVSS: 7.8, AI score: 7.1, EPSS: 0.02276
Exploits: 0, References: 3

NVD
added 2021/02/09 5:15 p.m., 14 views

CVE-2021-25139

A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 chassis. This...

CVSS: 10, EPSS: 0.07876
Exploits: 0, References: 1

OSV
added 2021/02/08 5:5 p.m., 4 views

OPENSUSE-SU-2021:0265-1 Security update for privoxy

This update for privoxy fixes the following issues: - Update to version 3.0.31: - Security/Reliability boo1181650 - Prevent an assertion from getting triggered by a crafted CGI request. Commit 5bba5b89193fa. OVE-20210130-0001. CVE-2021-20217 Reported by: Joshua Rogers Opera - Fixed a memory leak...

CVSS: 7.8, AI score: 7.6, EPSS: 0.02276
Exploits: 0, References: 4

CNNVD
added 2021/02/08 12:0 a.m., 7 views

Privoxy Security Vulnerability

Privoxy is a proxy server from the Privoxy team in the USA that does not cache web pages and comes with its own filtering features. It has advanced filtering features to enhance privacy, modify web data and HTTP headers, control access and remove advertisements and other annoying Internet...

CVSS: 7.8, AI score: 7.1, EPSS: 0.01371
Exploits: 0, References: 7