202 matches found
The vulnerability of D-Link DIR-842V2 router’s microprogramming software, related to the lack of measures taken to clean data at the control level, allows attackers to execute arbitrary commands.
The vulnerability of D-Link DIR-842V2 router microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by importing a specially created binary file...
The vulnerability of the _httpRpmPlcDeviceAdd and _httpRpmPlcDeviceRemove functions in the microprogramming software of the TP-Link TL-WPA4530 V2 adapter allows a hacker to execute arbitrary code.
The vulnerability of the httpRpmPlcDeviceAdd and httpRpmPlcDeviceRemove functions in the TP-Link TL-WPA4530 V2 adapter’s microprogramming software is related to the lack of measures taken at the control level to clean data. Exploiting this vulnerability can allow a remote attacker to execute...
The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems lies in the lack of measures taken to clean data at the management level, allowing attackers to execute arbitrary commands.
The vulnerability of the QTS, QuTS hero, and QuTScloud operating systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a malicious actor, operating remotely, to execute arbitrary commands using specially created data...
PT-2023-3268 · Glpi +2 · Glpi +2
Name of the Vulnerable Software and Affected Versions: GLPI versions 9.5.0 through 9.5.12 GLPI versions 10.0.0 through 10.0.6 Description: The issue is related to insufficient cleaning of user data in the administration panel, allowing a user to inject and execute arbitrary HTML and script code i...
The vulnerability of the Grafana data visualization web tool, related to insufficient cleaning of user data, allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of the Grafana data visualization web tool is related to insufficient cleaning of user data. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks remotely...
The vulnerability of TP-Link MR3020 router’s microprogramming software, related to the lack of measures taken to clean data at the control level, allows attackers to execute arbitrary commands.
The vulnerability of TP-Link MR3020 router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending a specially crafted tftp request to the destination...
The vulnerability in the implementation of the PAPI network protocol for ArubaOS operating systems allows a hacker to execute arbitrary code.
The vulnerability of the PAPI network protocol implementation in ArubaOS operating systems is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the application software interface of the software platform for managing security in industrial networks, MXSecurity, allows a perpetrator to execute arbitrary commands.
The vulnerability of the application software interface of the MXSecurity software platform for managing security in industrial networks is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary...
The vulnerability of the command-line interface of ArubaOS systems allows a hacker to execute arbitrary commands.
The vulnerability of the command-line interface of ArubaOS systems is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands...
The vulnerability of the PowerScale OneFS operating system, related to the lack of measures for cleaning input data, allows a perpetrator to execute arbitrary commands, expose sensitive information, or cause service failures.
The vulnerability of the PowerScale OneFS operating system is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows an attacker to execute arbitrary commands, expose protected information, or cause service failures...
The vulnerability of Sonatype Nexus Repository Manager lies in the lack of measures to clean input data, allowing a perpetrator to execute arbitrary code.
The vulnerability of Sonatype Nexus Repository Manager is related to the lack of measures for cleaning input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...
The vulnerability of the Moodle course management system lies in the insufficient cleaning of user data in several “social” fields of the user profile. This allows attackers to carry out attacks using cross-site scripting (XSS).
The vulnerability of the Moodle course management system is related to insufficient cleaning of user data in several “social” fields of the user’s profile. Exploiting this vulnerability allows a malicious actor to carry out attacks using cross-site scripting XSS...
The vulnerability of the Atlassian Bitbucket Data Center and Bitbucket Server software lies in the lack of measures taken at the management level to clean data, allowing attackers to execute arbitrary code.
The vulnerability of the Atlassian Bitbucket Data Center and Bitbucket Server software-related data processing lies in the lack of measures taken at the management level to clean up data. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the implementation of the SetNetworkTomographySettings() function in the microprogrammed software for D-link DIR-823G routers allows a hacker to execute arbitrary commands.
The vulnerability of the SetNetworkTomographySettings function implementation in D-link DIR-823G router microprogramming software is related to insufficient cleaning of input data used in commands. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands by sending...
Vulnerability fixed in Zoom
A vulnerability has been fixed in Zoom. The vulnerability allows a local malicious party to gain access to sensitive data, such as meeting data and chat messages sent during meetings. This is caused by a combination of insufficient cleaning of the data after the meeting is closed and the use of a...
The vulnerability of NETGEAR R6220 Wi-Fi routers’ microprogramming software, related to the lack of measures taken to clean data at the control level, allows attackers to execute arbitrary commands.
The vulnerability of NETGEAR R6220 Wi-Fi routers’ microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability could allow a remote attacker to execute arbitrary commands...
The vulnerability of Microprogrammed Software in Serial Interface Controllers Moxa NPort W2150A/W2250A arises from insufficient data cleaning at the control level, allowing attackers to execute arbitrary code.
The vulnerability of the microprogrammed software of Moxa NPort W2150A/W2250A serial interface converters lies in the lack of data cleaning measures at the control level. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...
The vulnerability of the D-Link DSL-2750B router’s microprogramming software lies in the lack of measures taken to clean data at the control level, allowing attackers to execute arbitrary commands.
The vulnerability of the D-Link DSL-2750B router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability allows a malicious actor to execute arbitrary commands through the login.cgi parameter...
The vulnerability of the D-Link DIR-816 A2 router’s microprogramming software, related to the lack of measures taken to clean data at the management level, allows a hacker to trigger a service failure.
The vulnerability of the D-Link DIR-816 A2 router’s microprogramming software is related to the lack of measures taken to clean data at the control level. Exploiting this vulnerability can allow a malicious actor to cause service failure remotely...
The vulnerability of the Wi-Fi Aruba Instant deployment application, related to the lack of data cleaning at the management level, allows a perpetrator to execute arbitrary commands.
The vulnerability of the Wi-Fi Aruba Instant deployment application is related to the lack of measures taken to clean data at the management level. Exploiting this vulnerability allows a remote attacker to execute arbitrary commands by sending specially crafted data...