16597 matches found
CVE-2023-37536
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request...
Integer overflow
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request...
CVE-2023-37536 HCL BigFix Platform is vulnerable to an integer overflow in xerces-c++ 3.2.3
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request...
CVE-2023-37536 HCL BigFix Platform is vulnerable to an integer overflow in xerces-c++ 3.2.3
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request...
CVE-2023-37536
An integer overflow in xerces-c++ 3.2.3 in BigFix Platform allows remote attackers to cause out-of-bound access via HTTP request...
Open5GS Access Control Error Vulnerability
Open5GS is an open source implementation in C of 5G Core and Epc, the core network of the Lte/Nr network. An Access Control Error vulnerability exists in Open5GS version 2.4.10 and earlier, which stems from a lack of authentication, and can be exploited by an attacker to send an HTTP request to a...
PT-2023-25191 · Peplink · Peplink Surf Soho
Name of the Vulnerable Software and Affected Versions: peplink Surf SOHO HW1 version 6.3.5 Description: An OS command injection issue exists in the api.cgi cmd.mvpn.x509.write functionality. A specially crafted HTTP request can lead to command execution. This is specifically related to the system...
peplink Surf SOHO HW1 admin.cgi USSD_send OS command injection vulnerability
Talos Vulnerability Report TALOS-2023-1780 peplink Surf SOHO HW1 admin.cgi USSDsend OS command injection vulnerability October 11, 2023 CVE Number CVE-2023-27380 SUMMARY An OS command injection vulnerability exists in the admin.cgi USSDsend functionality of peplink Surf SOHO HW1 v6.3.5 in QEMU. A...
CVE-2023-34986
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...
CVE-2023-34989
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...
Command injection
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...
Command injection
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...
Command injection
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...
Command injection
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
CVE-2023-36548
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
CVE-2023-36548
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
CVE-2023-36547
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
CVE-2023-34993
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
CVE-2023-36550
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted http get request parameters...
CVE-2023-34987
A improper neutralization of special elements used in an os command 'os command injection' in Fortinet FortiWLM version 8.6.0 through 8.6.5 and 8.5.0 through 8.5.4 allows attacker to execute unauthorized code or commands via specifically crafted HTTP get request parameters...