CVE-2022-31845

A vulnerability in livecheck.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

CVE-2022-31309

A vulnerability in livecheck.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to obtain sensitive router information via execution of the exec cmd function...

CVE-2022-31846

A vulnerability in livemfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

CVE-2022-31845

A vulnerability in livecheck.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

Information disclosure

A vulnerability in livemfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

Information disclosure

A vulnerability in livemfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function...

Design/Logic Flaw

A vulnerability in livecheck.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

CVE-2022-31846

WAVLINK WN535 G3 M35G3R.V5030.180927 is affected by CVE-2022-31846 in the live_mfg.shtml page. Nuclei templates document a information-disclosure vulnerability where an attacker can obtain sensitive router information by triggering the exec cmd function, potentially exposing configuration details...

CVE-2022-31846

A vulnerability in livemfg.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

CVE-2022-31845

A vulnerability in livecheck.shtml of WAVLINK WN535 G3 M35G3R.V5030.180927 allows attackers to obtain sensitive router information via execution of the exec cmd function...

CVE-2022-31308

A vulnerability in livemfg.shtml of WAVLINK AERIAL X 1200M M79X3.V5030.191012 allows attackers to obtain sensitive router information via execution of the exec cmd function...

WAVLINK WN535 G3 安全漏洞

The WAVLINK WN535 G3 is a wireless router from the Chinese company WAVLINK. A security vulnerability exists in the WAVLINK WN535 G3 M35G3R.V5030.180927 version, which originates from a vulnerability in livecheck.shtml. An attacker can exploit this vulnerability to obtain sensitive router...

PT-2022-20680 · Wavlink · Wavlink Aerial X 1200M

Name of the Vulnerable Software and Affected Versions: WAVLINK AERIAL X 1200M version M79X3.V5030.191012 Description: A vulnerability in the live mfg.shtml file allows attackers to obtain sensitive router information via execution of the exec cmd function. Recommendations: For version...

cri-o: memory exhaustion on the node when access to the kube api

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...

DEBIAN-CVE-2022-31030

containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API. This can cause containerd to consume all available memory...

AZL-9918 CVE-2022-31030 affecting package moby-containerd for versions less than 1.6.6-1

containerd is an open source container runtime. A bug was found in the containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API. This can cause containerd to consume all available memory...

Medium: containerd

Issue Overview: A bug was found in containerd's CRI implementation where programs inside a container can cause the containerd daemon to consume memory without bound during invocation of the ExecSync API. This can cause containerd to consume all available memory on the computer, denying service to...

CVE-2022-31212

A stack-based buffer over-read flaw was found in the dbus-broker package. Dbus-Broker depends on c-uitl/c-shquote to parse the DBus service's Exec line, and if a malicious Exec line is supplied, this can lead to a crash or other undefined behaviors...

AZL-37071 CVE-2022-1708 affecting package cri-o for versions less than 1.21.7-1

A vulnerability was found in CRI-O that causes memory or disk space exhaustion on the node for anyone with access to the Kube API. The ExecSync request runs commands in a container and logs the output of the command. This output is then read by CRI-O after command execution, and it is read in a...

FreeBSD : go -- multiple vulnerabilities (15888c7e-e659-11ec-b7fe-10c37b4ac2ea)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the 15888c7e-e659-11ec-b7fe-10c37b4ac2ea advisory. - The Go project reports: crypto/rand: rand.Read hangs with extremely large buffers On Windows...