Lucene search
K

32 matches found

Citrix
Citrix
added 2024/07/13 12:0 a.m.17 views

How to Find Maximum Size of IP Data Payload that can Traverse WAN Environment Without Fragmentation

Citrix SD-WAN, formerly NetScaler SD-WAN This article describes how to find out the maximum size of IP data payload that can traverse a WAN environment without fragmentation. Background The CloudBridge acceleration parameters are sent through TCP options, which use the space in the IP data payloa...

7.1AI score
Exploits0
ATTACKERKB
ATTACKERKB
added 2023/05/26 3:15 p.m.4 views

CVE-2023-33394

skycaiji v2.5.4 is vulnerable to Cross Site Scripting XSS. Attackers can achieve backend XSS by deploying malicious JSON data...

5.4CVSS5.7AI score0.004EPSS
Exploits1References2
OSV
OSV
added 2023/05/26 3:15 p.m.5 views

CVE-2023-33394

skycaiji v2.5.4 is vulnerable to Cross Site Scripting XSS. Attackers can achieve backend XSS by deploying malicious JSON data...

5.4CVSS5.8AI score0.004EPSS
Exploits1References1
CNNVD
CNNVD
added 2023/05/26 12:0 a.m.7 views

skycaiji 跨站脚本漏洞

Skycaiji Blue Sky Collector is a free data collection and publishing crawler software from China Nanchang Zhuolan Technology Co., Ltd, developed with php+mysql and can be deployed on cloud servers. skycaiji v2.5.4 version of a security vulnerability, the vulnerability stems from the existence of...

5.4CVSS5.4AI score0.004EPSS
Exploits1References2
OSV
OSV
added 2022/02/01 1:15 p.m.2 views

CVE-2022-0220

The checkprivacysettings AJAX action of the WordPress GDPR WordPress plugin before 1.9.27, available to both unauthenticated and authenticated users, responds with JSON data without an "application/json" content-type. Since an HTML payload isn't properly escaped, it may be interpreted by a web...

6.1CVSS6.4AI score0.0231EPSS
Exploits2References1
Gitee
Gitee
added 2021/11/22 10:46 a.m.14 views

Exploit for Improper Authentication in Dahuasecurity Ipc-Hum7Xxx_Firmware

This is a PoC exploit for CVE-2021-33044, an authentication bypass vulnerability in Dahua IPC, VTH, and VTO devices. The exploit targets the login process of these devices, allowing attackers to bypass device identity authentication by constructing malicious data packets. The exploit is implement...

10CVSS8.4AI score0.99871EPSS
Exploits12
Prion
Prion
added 2020/06/02 3:15 p.m.23 views

Buffer overflow

Buffer over-read in ADSP parse function due to lack of check for availability of sufficient data payload received in command response in Snapdragon Auto, Snapdragon Compute, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon IoT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon...

3.6CVSS7.6AI score0.00186EPSS
Exploits0References1
CNVD
CNVD
added 2018/09/14 12:0 a.m.1 views

TP-Link TL-WR886N Denial of Service Vulnerability (CNVD-2019-07039)

The TP-Link TL-WR886N is a wireless router product from China P&L TP-LINK. A security vulnerability exists in TP-Link TL-WR886N version 6.0 2.3.4 and 7.0 1.1.0. An attacker can exploit the vulnerability by sending a request with long JSON data to cause the router service to crash...

6.5CVSS6.5AI score0.0104EPSS
Exploits1References1
Citrix
Citrix
added 2017/10/30 12:0 a.m.7 views

Calculate MSS Value for NetScaler SD-WAN Appliances

By default, the MSS value is defined as 1380 bytes in aNetScaler SD-WANappliance, assuming the WAN infrastructure allows a standard IP packet maximum transmission unit MTU size of 1,500 bytes. Some WAN infrastructures might not provide enough space for MSS of 1380 bytes because additional protoco...

7AI score
Exploits0
Hacker One
Hacker One
added 2017/05/12 12:41 a.m.42 views

Instacart: XSS at in instacart.com/store/partner_recipe

Summary Hi team, i found that this endpoint - https://www.instacart.com/store/partnerrecipe? at param imageurl is vulnerable to XSS Reproduction Steps & PoC 1Go to...

7AI score
Exploits0
BDU FSTEC
BDU FSTEC
added 2016/03/25 12:0 a.m.10 views

The vulnerabilities of Adobe Integrated Runtime and Flash Player software allow a perpetrator to execute arbitrary code.

The vulnerability of Adobe Integrated Runtime and Flash Player programs relates to the use of memory after it is freed. Exploiting this vulnerability allows a malicious actor to execute arbitrary code using specially crafted MPEG-4 data...

9.3CVSS8.1AI score0.07659EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2015/11/05 12:0 a.m.6 views

The vulnerability of the Radia Client Automation program allows a hacker to execute arbitrary code.

The vulnerability of the Radia Client Automation user automation program arises due to buffer overflow in the stack. Exploiting this vulnerability allows a malicious actor to execute arbitrary code by sending a large amount of data...

10CVSS6.4AI score0.06081EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder