31 matches found
CVE-2021-20140
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20139
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...
CVE-2021-20142
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20141
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2024-10044
A Server-Side Request Forgery SSRF vulnerability exists in the POST /workergeneratestream API endpoint of the Controller API Server in lm-sys/fastchat, as of commit e208d5677c6837d590b81cb03847c0b9de100765. This vulnerability allows attackers to exploit the victim controller API server's...
GO-2022-0501 CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server in github.com/kubeedge/kubeedge
CloudCore CSI Driver: Malicious response from KubeEdge can crash CSI Driver controller server in github.com/kubeedge/kubeedge...
SUSE CVE-2023-45919
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
CVE-2023-45924
libglxproto.c in OpenGL libglvnd bb06db5a was discovered to contain a segmentation violation via the function glXGetDrawableScreen. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
CVE-2023-45919
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
CVE-2023-45919
Mesa 23.0.4 was discovered to contain a buffer over-read in glXQueryServerString. NOTE: this is disputed because there are no common situations in which users require uninterrupted operation with an attacker-controller server...
KubeEdge Denial of Service Vulnerability
KubeEdge is an open source edge computing framework built on Kubernetes and extends containerized application orchestration and device management to hosts on the end. A denial-of-service vulnerability exists in KubeEdge versions prior to 1.11.0, prior to 1.10.1, and prior to 1.9.3, which can be...
Denial Of Service (DoS)
github.com/kubeedge/kubeedge is vulnerable to denial of service. The vulnerability exists in ExtractMessage function because of a message response causing a nil-pointer dereference in CSI Driver controller server which allows an attacker to send malicious messages causing an application crash...
KubeEdge 代码问题漏洞
KubeEdge is an open source edge computing framework built on Kubernetes and extends containerized application orchestration and device management to hosts on the end. A denial-of-service vulnerability exists in KubeEdge versions prior to 1.11.0, prior to 1.10.1, and prior to 1.9.3, which can be...
Gryphon Tower Command Injection Vulnerability
A command injection vulnerability exists in Gryphon Tower, a wireless router from Gryphon. The vulnerability stems from a failure to properly filter user input for special characters, commands, etc. in the parameters of operation 49 in the controllerserver service on the router. An unauthenticate...
Gryphon Tower Command Injection Vulnerability (CNVD-2021-100345)
A command injection vulnerability exists in Gryphon Tower, a wireless router from Gryphon, which stems from a failure to properly filter user input for special characters, commands, etc. in the parameters of operation 10 in the controllerserver service on the router. An unauthenticated, remote...
CVE-2021-20143
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20144
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20140
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20142
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet t...
CVE-2021-20139
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the controllerserver service on Gryphon Tower routers. An unauthenticated remote attacker on the same network can execute commands as root on the device by sending a specially crafted malicious packet to...