Lucene search
K

1125 matches found

CVE
CVE
added 2024/11/12 12:0 a.m.67 views

CVE-2024-28728

CVE-2024-28728 describes a Cross Site Scripting vulnerability in D-Link DWR-2000M 5G CPE with Wi-Fi 6 Ax1800 and D-Link DWR-2000M_1.34ME. The issue arises from handling of the WiFi SSID Name field, allowing a local attacker to obtain sensitive information via a crafted payload. Affected product/v...

6.6CVSS5.9AI score0.005EPSS
Exploits0References2
CNVD
CNVD
added 2024/10/28 12:0 a.m.6 views

Tianyu CPE Router CommonCPExCPETS Command Execution Vulnerability

Tianyu CPE Router is a wireless router from China Tianyu Tianyu. A command execution vulnerability exists in the Tianyu CPE Router CommonCPExCPETS, which can be exploited by an attacker to execute arbitrary commands on the system...

8.8CVSS7.8AI score0.01626EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2024/10/25 12:0 a.m.29 views

AlmaLinux 9 : python3.12 (ALSA-2024:8447)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2024:8447 advisory. python: cpython: tarfile: ReDos via excessive backtracking while parsing header values CVE-2024-6232 Tenable has extracted the preceding description block directly...

7.5CVSS6.9AI score0.02203EPSS
Exploits2References3
Tenable Nessus
Tenable Nessus
added 2024/10/25 12:0 a.m.7 views

NuGet Package 'Betalgo.OpenAI' Detection

The remote host has a 'Betalgo.OpenAI' with a Verified NuGet package status and is installed on the remote host. Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. include'compat.inc'; if...

5.8AI score
Exploits0References1
NVD
NVD
added 2024/10/24 6:15 p.m.12 views

CVE-2024-48440

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component atcommand.asp...

8.8CVSS0.01632EPSS
Exploits0References1
NVD
NVD
added 2024/10/24 6:15 p.m.20 views

CVE-2024-48441

Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETSv3.2.468.11.04P4 was discovered to contain a command injection vulnerability via the component atcommand.asp...

8.8CVSS0.01626EPSS
Exploits0References1
NVD
NVD
added 2024/10/24 6:15 p.m.19 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

6.5CVSS0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.20 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

7.1AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.25 views

CVE-2024-48440

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component atcommand.asp...

0.01632EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.9 views

CVE-2024-48441

Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETSv3.2.468.11.04P4 was discovered to contain a command injection vulnerability via the component atcommand.asp...

8.2AI score0.01626EPSS
Exploits0References1
CVE
CVE
added 2024/10/24 12:0 a.m.54 views

CVE-2024-48442

CVE-2024-48442 affects Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLIC, version 3.2.2543.12.18. Root cause is an incorrect access control that allows unauthenticated SSH access. Reported impact is confidentiality exposure via SSH without authentication; no...

6.5CVSS6.5AI score0.00253EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/10/24 12:0 a.m.26 views

CVE-2024-48442

Incorrect access control in Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 allows attackers to access the SSH protocol without authentication...

0.00253EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/10/24 12:0 a.m.12 views

CVE-2024-48440

Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543.12.18 was discovered to contain a command injection vulnerability via the component atcommand.asp...

8.2AI score0.01632EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/10/24 12:0 a.m.17 views

PT-2024-33112 · Tianyu · Tianyu Cpe Router

Name of the Vulnerable Software and Affected Versions: Tianyu CPE Router version CommonCPExCPETS v3.2.468.11.04 P4 Description: A command injection issue was discovered in the Tianyu CPE Router, specifically via the component at command.asp. Recommendations: For version CommonCPExCPETS...

8.8CVSS7.5AI score0.01626EPSS
Exploits0References3
CVE
CVE
added 2024/10/24 12:0 a.m.60 views

CVE-2024-48440

The CVE-2024-48440 entry affects Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA (RG500UEAABxCOMSLICv3.2.2543.12.18) and is caused by a command injection vulnerability in the at_command.asp component. Public data lists CVSSv3.1 metrics: AV Adjacent, AC Low, PR None, UI None,...

8.8CVSS7.6AI score0.01632EPSS
Exploits0References1
CVE
CVE
added 2024/10/24 12:0 a.m.62 views

CVE-2024-48441

The CVE-2024-48441 issue affects the Tianyu CPE Router CommonCPExCPETS version v3.2.468.11.04_P4, specifically the at_command.asp component, where a command-injection vulnerability exists. The root cause is input handling in at_command.asp that allows arbitrary commands to be executed with high i...

8.8CVSS7.6AI score0.01626EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2024/10/22 12:0 a.m.15 views

Eclipse Jetty DoS Vulnerability (GHSA-r7m4-f9h5-gr79) - Windows

Eclipse Jetty is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:eclipse:jetty";...

6.5CVSS6.4AI score0.00949EPSS
Exploits0References2
CVE
CVE
added 2024/10/11 3:20 p.m.50 views

CVE-2024-39547

The CVE describes an Improper Handling of Exceptional Conditions vulnerability in the rpd-server of Juniper Networks Junos OS and Junos OS Evolved within cRPD. An unauthenticated network attacker can trigger a CPU-based DoS by sending crafted TCP traffic to the control plane, or when a TCP sessio...

8.7CVSS7.6AI score0.00927EPSS
Exploits0References1Affected Software1
OpenVAS
OpenVAS
added 2024/09/27 12:0 a.m.26 views

CUPS Multiple Vulnerabilities (Sep/Oct 2024)

Various components of CUPS are prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

9.8CVSS7.8AI score0.76959EPSS
Exploits17References13
Tenable Nessus
Tenable Nessus
added 2024/09/26 12:0 a.m.11 views

Fedora 40 : chisel (2024-5aad2fda6a)

The remote Fedora 40 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-5aad2fda6a advisory. Update to new upstream version closes rhbz2303131 Tenable has extracted the preceding description block directly from the Fedora security advisory...

8.6CVSS7.5AI score0.0045EPSS
Exploits0References2
Rows per page
Query Builder