Lucene search
+L

202 matches found

BDU FSTEC
BDU FSTEC
added 2023/06/16 12:0 a.m.10 views

The vulnerability of D-Link DIR-842V2 router’s microprogramming software, related to the lack of measures taken to clean data at the control level, allows attackers to execute arbitrary commands.

The vulnerability of D-Link DIR-842V2 router microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by importing a specially created binary file...

9CVSS8AI score0.32032EPSS
Exploits2References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/05/29 12:0 a.m.8 views

The vulnerability of the _httpRpmPlcDeviceAdd and _httpRpmPlcDeviceRemove functions in the microprogramming software of the TP-Link TL-WPA4530 V2 adapter allows a hacker to execute arbitrary code.

The vulnerability of the httpRpmPlcDeviceAdd and httpRpmPlcDeviceRemove functions in the TP-Link TL-WPA4530 V2 adapter’s microprogramming software is related to the lack of measures taken at the control level to clean data. Exploiting this vulnerability can allow a remote attacker to execute...

8.5CVSS8AI score0.02478EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/04/07 12:0 a.m.6 views

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems lies in the lack of measures taken to clean data at the management level, allowing attackers to execute arbitrary commands.

The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands using specially created data...

6.6CVSS7.4AI score0.01226EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/04/05 12:0 a.m.7 views

PT-2023-3268 · Glpi +2 · Glpi +2

Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 9.5.12 GLPI versions 10.0.0 through 10.0.6 Description: The issue is related to insufficient cleaning of user data in the administration panel, allowing a user to inject and execute arbitrary HTML and script code i...

10CVSS6.7AI score0.99628EPSS
Exploits40References206
BDU FSTEC
BDU FSTEC
added 2023/03/29 12:0 a.m.6 views

The vulnerability of the Grafana data visualization web tool, related to insufficient cleaning of user data, allows attackers to execute cross-site scripting (XSS) attacks.

The vulnerability of the Grafana data visualization web tool is related to insufficient cleaning of user data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...

6.6CVSS6.6AI score0.01562EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/03/28 12:0 a.m.5 views

The vulnerability of TP-Link MR3020 router’s microprogramming software, related to the lack of measures taken to clean data at the control level, allows attackers to execute arbitrary commands.

The vulnerability of TP-Link MR3020 router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending a specially crafted tftp request to the destination...

10CVSS8.2AI score0.0249EPSS
Exploits1References2
BDU FSTEC
BDU FSTEC
added 2023/03/24 12:0 a.m.5 views

The vulnerability in the implementation of the PAPI network protocol for ArubaOS operating systems allows a hacker to execute arbitrary code.

The vulnerability of the PAPI network protocol implementation in ArubaOS operating systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.4AI score0.0174EPSS
Exploits0References2Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/03/24 12:0 a.m.6 views

The vulnerability of the application software interface of the software platform for managing security in industrial networks, MXSecurity, allows a perpetrator to execute arbitrary commands.

The vulnerability of the application software interface of the MXSecurity software platform for managing security in industrial networks is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary...

10CVSS7.6AI score0.01456EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/03/15 12:0 a.m.7 views

The vulnerability of the command-line interface of ArubaOS systems allows a hacker to execute arbitrary commands.

The vulnerability of the command-line interface of ArubaOS systems is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...

9CVSS7.5AI score0.01481EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/03/06 12:0 a.m.7 views

The vulnerability of the PowerScale OneFS operating system, related to the lack of measures for cleaning input data, allows a perpetrator to execute arbitrary commands, expose sensitive information, or cause service failures.

The vulnerability of the PowerScale OneFS operating system is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands, expose protected information, or cause service failures...

6.8CVSS7AI score0.00637EPSS
Exploits0References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/02/15 12:0 a.m.7 views

The vulnerability of Sonatype Nexus Repository Manager lies in the lack of measures to clean input data, allowing a perpetrator to execute arbitrary code.

The vulnerability of Sonatype Nexus Repository Manager is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

9CVSS7.7AI score0.05602EPSS
Exploits3References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/12/24 12:0 a.m.9 views

The vulnerability of the Moodle course management system lies in the insufficient cleaning of user data in several “social” fields of the user profile. This allows attackers to carry out attacks using cross-site scripting (XSS).

The vulnerability of the Moodle course management system is related to insufficient cleaning of user data in several “social” fields of the user’s profile. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...

6.4CVSS5.6AI score0.00655EPSS
Exploits0References7Affected Software3
BDU FSTEC
BDU FSTEC
added 2022/11/30 12:0 a.m.8 views

The vulnerability of the Atlassian Bitbucket Data Center and Bitbucket Server software lies in the lack of measures taken at the management level to clean data, allowing attackers to execute arbitrary code.

The vulnerability of the Atlassian Bitbucket Data Center and Bitbucket Server software-related data processing lies in the lack of measures taken at the management level to clean up data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

10CVSS8.5AI score0.98076EPSS
Exploits3References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/22 12:0 a.m.8 views

The vulnerability of the implementation of the SetNetworkTomographySettings() function in the microprogrammed software for D-link DIR-823G routers allows a hacker to execute arbitrary commands.

The vulnerability of the SetNetworkTomographySettings function implementation in D-link DIR-823G router microprogramming software is related to insufficient cleaning of input data used in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending...

10CVSS8.1AI score0.03735EPSS
Exploits1References4Affected Software1
NCSC
NCSC
added 2022/11/15 12:0 a.m.6 views

Vulnerability fixed in Zoom

A vulnerability has been fixed in Zoom. The vulnerability allows a local malicious party to gain access to sensitive data, such as meeting data and chat messages sent during meetings. This is caused by a combination of insufficient cleaning of the data after the meeting is closed and the use of a...

3.3CVSS6.8AI score0.00268EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2022/11/03 12:0 a.m.7 views

The vulnerability of NETGEAR R6220 Wi-Fi routers’ microprogramming software, related to the lack of measures taken to clean data at the control level, allows attackers to execute arbitrary commands.

The vulnerability of NETGEAR R6220 Wi-Fi routers’ microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...

9CVSS8AI score0.01834EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.8 views

The vulnerability of Microprogrammed Software in Serial Interface Controllers Moxa NPort W2150A/W2250A arises from insufficient data cleaning at the control level, allowing attackers to execute arbitrary code.

The vulnerability of the microprogrammed software of Moxa NPort W2150A/W2250A serial interface converters lies in the lack of data cleaning measures at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

8.5CVSS5.9AI score
Exploits0References1Affected Software2
BDU FSTEC
BDU FSTEC
added 2022/11/02 12:0 a.m.9 views

The vulnerability of the D-Link DSL-2750B router’s microprogramming software lies in the lack of measures taken to clean data at the control level, allowing attackers to execute arbitrary commands.

The vulnerability of the D-Link DSL-2750B router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands through the login.cgi parameter...

10CVSS8.3AI score0.6043EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/10/31 12:0 a.m.10 views

The vulnerability of the D-Link DIR-816 A2 router’s microprogramming software, related to the lack of measures taken to clean data at the management level, allows a hacker to trigger a service failure.

The vulnerability of the D-Link DIR-816 A2 router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...

7.8CVSS7.1AI score0.02682EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/10/20 12:0 a.m.11 views

The vulnerability of the Wi-Fi Aruba Instant deployment application, related to the lack of data cleaning at the management level, allows a perpetrator to execute arbitrary commands.

The vulnerability of the Wi-Fi Aruba Instant deployment application is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending specially crafted data...

10CVSS8.1AI score0.03295EPSS
Exploits0References5Affected Software2
Rows per page
Query Builder