Lucene search
K

41 matches found

CNNVD
CNNVD
added 2024/03/22 12:0 a.m.6 views

Tenda AC15 操作系统命令注入漏洞

Tenda AC15 is a dual-band wireless router launched by Shenzhen Jixiang Tenda Technology Co. in October 2015, which supports 802.11ac protocol with a theoretical transmission rate of 1900Mbps 600Mbps in 2.4GHz band and 1300Mbps in 5GHz band. Tenda AC15 suffers from a command injection vulnerabilit...

8.8CVSS7.7AI score0.0405EPSS
Exploits1References4
Positive Technologies
Positive Technologies
added 2024/03/18 12:0 a.m.6 views

PT-2024-2496 · Tenda · Tenda Ac7

Name of the Vulnerable Software and Affected Versions: Tenda AC7 version 15.03.06.44 Description: A critical issue is present in the Tenda AC7 router's software, related to the function formWriteFacMac of the file /goform/WriteFacMac. The manipulation of the mac argument leads to os command...

9CVSS7.3AI score0.07893EPSS
Exploits2References7
SUSE CVE
SUSE CVE
added 2023/02/15 5:53 a.m.6 views

SUSE CVE-2011-1493

Array index error in the roseparsenational function in net/rose/rosesubr.c in the Linux kernel before 2.6.39 allows remote attackers to cause a denial of service heap memory corruption or possibly have unspecified other impact by composing FACNATIONALDIGIS data that specifies a large number of...

7.5CVSS7.2AI score0.03358EPSS
Exploits2References12
vulnersOsv
vulnersOsv
added 2021/08/25 8:52 p.m.7 views

fac (>=0.5.2 <=0.5.3) potentially affected by CVE-2021-28037 via internment (=0.3.13)

internment CARGO version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on internment and may be impacted: - fac =0.5.2, =0.5.3 Source cves: CVE-2021-28037 Source advisory: OSV:GHSA-GPPW-3H6H-V6Q2...

9.8CVSS7.2AI score0.01167EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2021/08/25 8:46 p.m.4 views

fac (>=0.5.2 <=0.5.3) potentially affected by CVE-2020-35874 via internment (=0.3.13)

internment CARGO version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on internment and may be impacted: - fac =0.5.2, =0.5.3 Source cves: CVE-2020-35874 Source advisory: OSV:GHSA-96W3-P368-4H8C...

8.1CVSS7.2AI score0.00957EPSS
Exploits1
CNVD
CNVD
added 2021/05/18 12:0 a.m.2 views

Binary Vulnerability in FWB, FAC Series Routers of Shenzhen Xunjie Communication Technology Co.

FWB, FAC series is a router from Shenzhen Xunjie Communication Technology Co., Ltd, including FWB201S, FWB505, FAC1203R, FWB201, FAC1900R, FWB200, FAC1200R and so on. A binary vulnerability exists in the FWB, FAC series routers of Shenzhen Xunjie Communication Technology Co. Ltd, which can be...

7.3AI score
Exploits0
vulnersOsv
vulnersOsv
added 2021/03/03 12:0 p.m.5 views

fac (>=0.5.2 <=0.5.3) potentially affected by CVE-2021-28037 via internment (=0.3.13)

internment CARGO version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on internment and may be impacted: - fac =0.5.2, =0.5.3 Source cves: CVE-2021-28037 Source advisory: OSV:RUSTSEC-2021-0036...

9.8CVSS7.2AI score0.01167EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2020/05/28 12:0 p.m.3 views

fac (>=0.5.2 <=0.5.3) potentially affected by CVE-2020-35874 via internment (=0.3.13)

internment CARGO version =0.3.13 is affected by a known vulnerability. The following packages have a transitive dependency on internment and may be impacted: - fac =0.5.2, =0.5.3 Source cves: CVE-2020-35874 Source advisory: OSV:RUSTSEC-2020-0017...

8.1CVSS7.2AI score0.00957EPSS
Exploits1
Openbugbounty
Openbugbounty
added 2019/11/26 4:55 p.m.8 views

h-fac-novar.hsgwhs.usu.edu Improper Access Control vulnerability

Open Bug Bounty ID: OBB-1024106 Following coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: &nbsp&nbsp&nbsp&nbsp&nbsp&nbspa. verified the vulnerability and confirmed its existence; &nbsp&nbsp&nbsp&nbsp&nbsp&nbspb. notified the website...

0.7AI score
Exploits0
CVE
CVE
added 2019/09/24 6:14 p.m.77 views

CVE-2019-14239

CVE-2019-14239 affects NXP Kinetis KV1x, KV3x, and K8x devices where Flash Access Controls (FAC) can be defeated by a load instruction inside an execute-only region, exposing protected code into a CPU register. The core issue is a software IP protection bypass in FAC, enabling information exposur...

6.6CVSS6.6AI score0.00401EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2019/09/12 6:15 p.m.12 views

Design/Logic Flaw

On NXP Kinetis KV1x, Kinetis KV3x, and Kinetis K8x devices, Flash Access Controls FAC a software IP protection method for execute-only access can be defeated by observing CPU registers and the effect of code/instruction execution...

7.5CVSS9.5AI score0.02923EPSS
Exploits1References1
CVE
CVE
added 2019/09/12 5:56 p.m.137 views

CVE-2019-14237

The CVE concerns NXP Kinetis KV1x, KV3x, and K8x devices where Flash Access Controls (FAC) execute-only protection can be defeated by observing CPU registers and the effects of code execution. The impact is the circumvention of execute-only protection as described; no specific remediation or patc...

9.8CVSS9.5AI score0.02923EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2007/04/18 10:19 a.m.13 views

Improper access control

FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/Gdb.mdb...

10CVSS6.9AI score0.02239EPSS
Exploits0References5Affected Software1
NVD
NVD
added 2007/04/18 10:19 a.m.16 views

CVE-2007-2100

FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/Gdb.mdb...

10CVSS6.3AI score0.02239EPSS
Exploits0References5
NVD
NVD
added 2007/04/18 10:19 a.m.28 views

CVE-2007-2101

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

10CVSS6.3AI score0.02146EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/04/18 10:0 a.m.28 views

CVE-2007-2101

FAC Guestbook 3.01 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/gbdb.mdb. NOTE: the provenance of this information is unknown; the details are obtained solely from third party...

6.3AI score0.02146EPSS
Exploits0References3
Cvelist
Cvelist
added 2007/04/18 10:0 a.m.21 views

CVE-2007-2100

FAC Guestbook 2.0 stores sensitive information under the web root with insufficient access control, which allows remote attackers to download a database via a direct request for db/Gdb.mdb...

6.3AI score0.02239EPSS
Exploits0References5
CVE
CVE
added 2007/04/18 10:0 a.m.45 views

CVE-2007-2101

FAC Guestbook 3.01 has an improper access control flaw exposing data under the web root. The vulnerability allows remote attackers to download the database via a direct request to db/gbdb.mdb, enabling access to sensitive information. The issue is described as affecting FAC Guestbook 3.01 and ste...

10CVSS6.3AI score0.02146EPSS
Exploits0References3Affected Software1
CVE
CVE
added 2007/04/18 10:0 a.m.51 views

CVE-2007-2100

CVE-2007-2100 affects FAC Guestbook 2.0. The vulnerability arises from insufficient access control, allowing remote attackers to directly access and download the database file db/Gdb.mdb from the web root. The published description indicates this could compromise confidentiality (complete impact)...

10CVSS6.3AI score0.02239EPSS
Exploits0References5Affected Software1
securityvulns
securityvulns
added 2007/04/13 12:0 a.m.49 views

FAC GuestBook v2.0 remote database disclosure vulnerability

""""""""""""""""""""""""""""""""""""""""""""""" """ :: :: ::::: :::: """ """ :: :: :: : :: """ """ :::: :: :: ::::: ::::: :::: """ """ :: :: ::: ::: :: :: :: :: :: """ """ :: :: :: : : ::::: :: :: :::: """ """ """ """"""""""""""""""""""""""""""""""""""""""""""" Xmor$ Security Vulnerability Resear...

0.6AI score
Exploits0
Rows per page
Query Builder