138 matches found
Google Tensorflow 安全漏洞
Google TensorFlow is an end-to-end open source platform for machine learning from Google, Inc. A security vulnerability exists in Google TensorFlow, which stems from the er optimizer in TensorFlow that can cause a denial of service by modifying the SavedModel so that issimplifiableshape will...
er-journal.com Cross Site Scripting vulnerability OBB-2120742
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
Command Execution Vulnerability in H3C ER G2 Series Routers
H3C ER G2 series is a new generation of enterprise-grade Gigabit high-performance routers launched by Hangzhou Huasan Communication Technology Co. It is targeted at the SMB market of Ethernet/fiber/xDSL access, which mainly includes network environments of government agencies, small and...
Binary Vulnerability in H3C ER G2 Series Routers
H3C ER G2 series is a new generation of enterprise-class Gigabit high-performance routers launched by Hangzhou Huasan Communication Technology Co. A binary vulnerability exists in the H3C ER G2 series routers, which can be exploited by attackers to cause a denial of service...
CVE-2020-22275
The CVE describes a CSV injection in WordPress Easy Registration Forms (ER Forms) plugin v2.0.6, where attacker-supplied entries with malicious CSV commands are not sanitized, enabling code execution when an admin exports CSV data. Affected component: ER Forms plugin for WordPress; root cause: in...
er-teknikservis.com Cross Site Scripting vulnerability OBB-1445424
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
IQrouter 3.3.1 Firmware - Remote Code Execution
Exploit Title: IQrouter 3.3.1 Firmware - Remote Code Execution Date: 2020-04-21 Exploit Author: drakylar Vendor Homepage: https://evenroute.com/ Software Link: https://evenroute.com/iqrouter Version: IQrouter firmware up to 3.3.1 Tested on: IQrouter firmware 3.3.1 CVE : N/A !/usr/bin/env python3...
Changsha Tian Er Network Technology Co., Ltd. website building system suffers from SQL injection vulnerabilities
Changsha Tian Er Network Technology Co., Ltd. is a technology-based development company. Changsha Tian Er Network Technology Co., Ltd. has a SQL injection vulnerability in its website builder system, which can be exploited by attackers to obtain sensitive information from the database...
er-go.it Cross Site Scripting vulnerability OBB-1115510
Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has:       a. verified the vulnerability and confirmed its existence;       b. notified the website operator about its existence...
CVE-2013-0725
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...
Design/Logic Flaw
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...
CVE-2013-0725
ERDAS ER Viewer 13.0 has dwmapi.dll and irml.dll libraries arbitrary code execution vulnerabilities...
CVE-2013-0725
CVE-2013-0725 affects ERDAS ER Viewer 13.0. The vulnerability involves the libraries dwmapi.dll and irml.dll , enabling arbitrary code execution. The CVE is referenced across NVD/Red Hat entries with the same description. Documented impact indicates potential code execution with local access; CVS...
Ajenti 2.1.31 - Remote Code Exection Exploit
Exploit for jsp platform in category web applications Exploit Title: Ajenti 2.1.31 - Remote Code Exection Metasploit Exploit Author: Onur ER Vendor Homepage: http://ajenti.org/ Software Link: https://github.com/ajenti/ajenti Version: 2.1.31 Tested on: Ubuntu 19.10 This module requires Metasploit:...
The vulnerability of the setsystemparams procedure of the Ghostscript file conversion program allows a attacker to execute arbitrary commands or gain access to the file system.
The vulnerability of the setsystemparams procedure in the Ghostscript program for converting PostScript format files is related to deficiencies in access control. Exploiting this vulnerability allows an attacker, operating remotely, to execute arbitrary commands or gain access to the file system ...
CVE-2019-9019
The British Airways Entertainment System, as installed on Boeing 777-36NER and possibly other aircraft, does not prevent the USB charging/data-transfer feature from interacting with USB keyboard and mouse devices, which allows physically proximate attackers to conduct unanticipated attacks agains...
Buffer overflow
The British Airways Entertainment System, as installed on Boeing 777-36NER and possibly other aircraft, does not prevent the USB charging/data-transfer feature from interacting with USB keyboard and mouse devices, which allows physically proximate attackers to conduct unanticipated attacks agains...
CVE-2019-9019
CVE-2019-9019 relates to the British Airways Entertainment System (installed on Boeing 777-36N(ER) and possibly others). The issue arises because the USB charging/data-transfer feature does not prevent interaction with connected USB keyboard/mouse devices, enabling physically proximate attackers ...
ubiquiti-discovery NSE Script
Extracts information from Ubiquiti networking devices. This script leverages Ubiquiti's Discovery Service which is enabled by default on many products. It will attempt to leverage version 1 of the protocol first and, if that fails, attempt version 2. Example Usage nmap -sU -p 10001 --script...
CVE-2017-15629
TP-Link WVR, WAR and ER devices allow remote authenticated administrators to execute arbitrary commands via command injection in the new-tunnelname variable in the pptpclient.lua file...