Lucene search
K

8 matches found

CNVD
CNVD
added 2025/06/27 12:0 a.m.4 views

TOTOLINK CA300-PoE Command Injection Vulnerability

The TOTOLINK CA300-PoE is a wireless access point device manufactured by China's Gion Electronics TOTOLINK. TOTOLINK CA300-PoE suffers from a command injection vulnerability that stems from the improper handling of the parameter FileName in the file upgrade.so, no details of the vulnerability are...

9.8CVSS6.5AI score0.02695EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:10 p.m.14 views

CVE-2022-3969

A vulnerability was found in OpenKM up to 6.3.11 and classified as problematic. Affected by this issue is the function getFileExtension of the file src/main/java/com/openkm/util/FileUtils.java. The manipulation leads to insecure temporary file. Upgrading to version 6.3.12 is able to address this...

5.5CVSS6.9AI score0.00526EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/11/08 12:0 a.m.6 views

PT-2024-9413

Name of the Vulnerable Software and Affected Versions: curl versions 6.5 through 8.11.0 Description: The issue arises when curl is used with a .netrc file for credentials and follows HTTP redirects. Under certain circumstances, curl could leak the password used for the first host to the followed-...

9.4CVSS8AI score0.16212EPSS
Exploits4References237
Cvelist
Cvelist
added 2023/01/15 7:58 p.m.17 views

CVE-2018-25075 karsany OBridge ProcedureDao.java getAllStandaloneProcedureAndFunction sql injection

A vulnerability classified as critical has been found in karsany OBridge up to 1.3. Affected is the function getAllStandaloneProcedureAndFunction of the file obridge-main/src/main/java/org/obridge/dao/ProcedureDao.java. The manipulation leads to sql injection. The complexity of an attack is rathe...

4.6CVSS10AI score0.0095EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2018/05/14 12:0 a.m.46 views

Debian DLA-1378-1 : tiff3 security update

A heap-based buffer overflow was discovered in the LZWDecodeCompat function in tiflzw.c LibTIFF 4.0.9 and earlier. This vulnerability might be leveraged by remote attackers to crash the client via a crafted TIFF LZW file. For Debian 7 'Wheezy', these problems have been fixed in version...

8.8CVSS6.9AI score0.03097EPSS
Exploits1References3
Saint
Saint
added 2009/09/11 12:0 a.m.28 views

VideoLAN VLC Media Player SMB Module Win32AddConnection Buffer Overflow

Added: 09/11/2009 CVE: CVE-2009-2484 BID: 35500 OSVDB: 55509 Background VLC media player is a media player supporting various audio and video formats for multiple platforms. Problem A stack-based buffer overflow vulnerability in the Win32AddConnection function may allow a remote attacker to execu...

9.3CVSS7.7AI score0.3511EPSS
Exploits7
Debian
Debian
added 2004/10/29 10:20 a.m.51 views

[SECURITY] [DSA 577-1] New postgresql packages fix symlink vulnerability

-------------------------------------------------------------------------- Debian Security Advisory DSA 577-1 [email protected] http://www.debian.org/security/ Martin Schulze October 29th, 2004 http://www.debian.org/security/faq -...

2.1CVSS5.8AI score0.00452EPSS
Exploits0
Debian
Debian
added 2003/03/19 2:10 p.m.21 views

[SECURITY] [DSA 264-1] New lxr packages fix information disclosure

-------------------------------------------------------------------------- Debian Security Advisory DSA 264-1 [email protected] http://www.debian.org/security/ Martin Schulze March 19th, 2003 http://www.debian.org/security/faq -...

6.8AI score
Exploits0
Rows per page
Query Builder