Lucene search
K

12 matches found

Japan Vulnerability Notes
Japan Vulnerability Notes
added 2025/10/16 8:17 a.m.5 views

Multiple vulnerabilities in ChatLuck

Overview ChatLuck provided by NEOJAPAN Inc. contains multiple vulnerabilities listed below. Cross-site scripting vulnerability in Chat Rooms CWE-79 - CVE-2025-53858 Insufficient granularity of access control vulnerability in Invitation of Guest Users CWE-1220 - CVE-2025-54461 Cross-site scripting...

6.9CVSS6.7AI score0.00296EPSS
Exploits0References8
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2017-14062

Malware in sbrugna...

5.5CVSS5.7AI score0.00435EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-31172

Malicious code in bioql PyPI...

4.8CVSS6.6AI score0.00633EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/14 3:31 a.m.18 views

CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page...

4.8CVSS7.3AI score0.00633EPSS
Exploits1References1
OSV
OSV
added 2024/05/14 3:37 p.m.2 views

CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page...

4.8CVSS6.1AI score0.00633EPSS
Exploits1References1
NVD
NVD
added 2024/05/14 3:37 p.m.29 views

CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page...

4.8CVSS7AI score0.00633EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/13 7:56 p.m.27 views

CVE-2024-33433

Cross Site Scripting vulnerability in TOTOLINK X2000R before v1.0.0-B20231213.1013 allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the Wireless Page...

7.2AI score0.00633EPSS
Exploits1References1
CVE
CVE
added 2024/05/13 7:56 p.m.69 views

CVE-2024-33433

The CVE-2024-33433 entry concerns TOTOLINK X2000R (pre v1.0.0-B20231213.1013) with a Cross Site Scripting vulnerability in the Wireless Page caused by insufficient filtering/escaping of the Guest Access Control parameter. An attacker could exploit this via a crafted request to execute arbitrary W...

4.8CVSS7.3AI score0.00633EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/13 12:0 a.m.4 views

PT-2024-25254 · Totolink · Totolink X2000R

Name of the Vulnerable Software and Affected Versions: TOTOLINK X2000R versions prior to v1.0.0-B20231213.1013 Description: The issue allows a remote attacker to execute arbitrary code via the Guest Access Control parameter in the "Wireless Page" API endpoint. This enables the attacker to perform...

4.8CVSS8.2AI score0.00633EPSS
Exploits1References2
NVD
NVD
added 2018/01/05 2:29 p.m.21 views

CVE-2017-4945

VMware Workstation 14.x and 12.x and Fusion 10.x and 8.x contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstatio...

5.5CVSS5.4AI score0.00435EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/01/05 2:0 p.m.26 views

CVE-2017-4945

VMware Workstation 14.x and 12.x and Fusion 10.x and 8.x contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstatio...

5.7AI score0.00435EPSS
Exploits0References4
CVE
CVE
added 2018/01/05 2:0 p.m.128 views

CVE-2017-4945

CVE-2017-4945 affects VMware Workstation (14.x, 12.x), Fusion (10.x, 8.x) and VMware Tools. Root cause: guest access control weakness that may allow code execution via Unity on locked Windows VMs. Affected components/versions: VMware Tools prior to 10.2.0; Tools 10.2.0 fixes this issue and is pac...

5.5CVSS5.9AI score0.00435EPSS
Exploits0References4Affected Software1
Rows per page
Query Builder