2428 matches found
object-deep-assign Prototype Pollution
alexbinary object-deep-assign 1.0.11 is vulnerable to Prototype Pollution via the extend method of Module.deepAssign /src/index.js...
object-deep-assign security vulnerability
object-deep-assign is a library by Alex Binary Personal Developer. A security vulnerability exists in object-deep-assign version 1.0.11, which stems from easy prototype contamination via extend in Module.deepAssign /src/index.js...
PT-2024-28005 · Unknown · The Algorithms
Name of the Vulnerable Software and Affected Versions: The Algorithms - C versions through e5dad3f Description: The issue is related to a segmentation fault caused by deep recursion in the binary insertion sort.c file. This may impact common use cases, such as sorting an array of 50 elements...
CVE-2024-5951
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5952
Deep Sea Electronics DSE855 Restart Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability...
CVE-2024-5951
Deep Sea Electronics DSE855 Factory Reset Missing Authentication Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this...
CVE-2024-5948
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CVE-2024-5948
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CVE-2024-5947
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5949
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...
CVE-2024-5949
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...
CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947 Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability
Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...
CVE-2024-5947
The CVE-2024-5947 issue affects Deep Sea Electronics DSE855. It arises from a missing authentication flow in the web UI that allows access to the configuration backup (Backup.bin), enabling network-adjacent attackers to disclose stored credentials. The flaw is exploitable without authentication v...
CVE-2024-5948
CVE-2024-5948 affects the Deep Sea Electronics DSE855 device. The vulnerability is a multipart boundary handling issue where the length of user-supplied data is not properly validated before copying to a fixed-length stack-based buffer, causing a stack-based buffer overflow that can lead to remot...
CVE-2024-5948 Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CVE-2024-5948 Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Deep Sea Electronics DSE855 Multipart Boundary Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploi...
CVE-2024-5949 Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability
Deep Sea Electronics DSE855 Multipart Boundary Infinite Loop Denial-of-Service Vulnerability. This vulnerability allows network-adjacent attackers to create a denial-of-service condition on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit th...
CVE-2024-5949
CVE-2024-5949 affects Deep Sea Electronics DSE855 devices. The flaw is in the handling of multipart boundaries, caused by a logic error that can trigger an infinite loop, enabling network-adjacent attackers to perform a denial-of-service. Authentication is not required. The available connected so...
CVE-2024-5950 Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability
Deep Sea Electronics DSE855 Multipart Value Handling Stack-Based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to...