Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

884 matches found

0day.today
0day.todayadded 2024/04/02 12:0 a.m.236 views

GL.iNet MT6000 4.5.5 - Arbitrary File Download Exploit

Exploit Title: GL-iNet MT6000 4.5.5 - Arbitrary File Download CVE: CVE-2024-27356 Google Dork: intitle:"GL.iNet Admin Panel" Exploit Author: Bandar Alharbi aggressor Vendor Homepage: www.gl-inet.com Tested Software Link:...

7.5CVSS7.1AI score0.19291EPSS
Exploits3
OSV
OSVadded 2024/03/18 11:15 a.m.0 views

UBUNTU-CVE-2024-26641

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

5.5CVSS6.1AI score0.00015EPSS
Exploits0References30
SUSE CVE
SUSE CVEadded 2024/03/07 4:24 a.m.1 views

SUSE CVE-2024-28084

p2putil.c in iNet wireless daemon IWD through 2.15 allows attackers to cause a denial of service daemon crash or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails...

6.5CVSS7.4AI score0.00151EPSS
Exploits0References3
Tenable Nessus
Tenable Nessusadded 2024/03/07 12:0 a.m.25 views

Fedora 38 : iwd / libell (2024-38faa9a2a8)

The remote Fedora 38 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-38faa9a2a8 advisory. iwd 2.15: Fix issue with notice events for connection timeouts. Fix issue with reason code and deauthenticate event. Fix issue with handling basename...

7.5CVSS7.8AI score0.00954EPSS
Exploits0References2
CNNVD
CNNVDadded 2024/03/06 12:0 a.m.3 views

GL.iNet Router Security Vulnerability

GL.iNet Router is a series of routers from China's Guanglian Zhitong GL.iNet. A security vulnerability exists in the GL.iNet Router 4.x firmware version, which originated from a vulnerability that allows an attacker to bypass authentication and gain access to the router's web interface...

7AI score0.00026EPSS
Exploits3References1
OSV
OSVadded 2024/03/04 6:15 p.m.1 views

DEBIAN-CVE-2021-47103

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...

7.8CVSS5.5AI score0.00036EPSS
Exploits1References1
Prion
Prionadded 2024/03/04 6:15 p.m.14 views

Spoofing

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...

7.3AI score0.00036EPSS
Exploits1References7
CVE
CVEadded 2024/03/04 6:10 p.m.156 views

CVE-2021-47103

CVE-2021-47103 is a Linux kernel vulnerability in the inet path where sk->sk_rx_dst was protected by RCU without proper documentation and ordering of dst_release and pointer clearing. The issue arose in tcp_v4_do_rcv/tcp_v6_do_rcv and related demux logic, creating potential use-after-free scen...

7.8CVSS6.3AI score0.00036EPSS
Exploits1References7Affected Software1
Cvelist
Cvelistadded 2024/03/04 6:10 p.m.17 views

CVE-2021-47103 inet: fully convert sk->sk_rx_dst to RCU rules

In the Linux kernel, the following vulnerability has been resolved: inet: fully convert sk-skrxdst to RCU rules syzbot reported various issues around early demux, one being included in this changelog 1 sk-skrxdst is using RCU protection without clearly documenting it. And following sequences in...

7.5AI score0.00036EPSS
Exploits1References7
NVD
NVDadded 2024/03/03 9:15 p.m.4 views

CVE-2024-28084

p2putil.c in iNet wireless daemon IWD through 2.15 allows attackers to cause a denial of service daemon crash or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails...

7.5CVSS8AI score0.00151EPSS
Exploits0References6
OSV
OSVadded 2024/03/03 9:15 p.m.1 views

UBUNTU-CVE-2024-28084

p2putil.c in iNet wireless daemon IWD through 2.15 allows attackers to cause a denial of service daemon crash or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails...

7.5CVSS5.8AI score0.00151EPSS
Exploits0References4
Positive Technologies
Positive Technologiesadded 2024/03/03 12:0 a.m.1 views

PT-2024-2303 · Unknown +1 · Inet Wireless Daemon +1

Name of the Vulnerable Software and Affected Versions: iNet wireless daemon IWD versions 2.15 and earlier Description: The issue is related to initialization problems in the p2putil.c component of the iNet wireless daemon IWD, which can cause a denial of service daemon crash or possibly have othe...

7.8CVSS7.5AI score0.00151EPSS
Exploits0References26
Vulnrichment
Vulnrichmentadded 2024/03/03 12:0 a.m.8 views

CVE-2024-28084

p2putil.c in iNet wireless daemon IWD through 2.15 allows attackers to cause a denial of service daemon crash or possibly have unspecified other impact because of initialization issues in situations where parsing of advertised service information fails...

7.8AI score0.00151EPSS
Exploits0References4
CVE
CVEadded 2024/03/03 12:0 a.m.6954 views

CVE-2024-28084

CVE-2024-28084 affects iNet wireless daemon (IWD) p2putil.c up to version 2.15. The issue stems from initialization during parsing of advertised service information, enabling denial of service via daemon crash and possibly other unspecified impact. Fedora advisories indicate fixes in iwd 2.16 and...

7.5CVSS7.9AI score0.00151EPSS
Exploits0References6Affected Software1
CNNVD
CNNVDadded 2024/03/03 12:0 a.m.4 views

iNet wireless daemon security vulnerability

iNet wireless daemon iwd is a network management tool used to manage wireless network interfaces in the Linux operating system. A security vulnerability exists in iNet wireless daemon IWD version 2.15 and earlier, which stems from a denial of service DOS vulnerability in p2putil.c. The...

7.5CVSS6.5AI score0.00151EPSS
Exploits0References4
NVD
NVDadded 2024/02/27 1:15 a.m.9 views

CVE-2024-27356

An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300,...

7.5CVSS6.6AI score0.19291EPSS
Exploits3References2
Prion
Prionadded 2024/02/27 1:15 a.m.23 views

Code injection

An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300,...

6.9AI score0.19291EPSS
Exploits3References2
EUVD
EUVDadded 2024/02/27 12:0 a.m.1 views

EUVD-2024-24560

An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300,...

7.5CVSS7.5AI score0.19291EPSS
Exploits3References2
CVE
CVEadded 2024/02/27 12:0 a.m.3611 views

CVE-2024-27356

CVE-2024-27356 affects GL.iNet devices (examples include MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, and others listed). The issue allows an attacker to trigger commands that download files (e.g., logread.tar) from the device, potentially exposing critical user informatio...

7.5CVSS6.8AI score0.19291EPSS
Exploits3References2Affected Software1
Vulnrichment
Vulnrichmentadded 2024/02/27 12:0 a.m.12 views

CVE-2024-27356

An issue was discovered on certain GL-iNet devices. Attackers can download files such as logs via commands, potentially obtaining critical user information. This affects MT6000 4.5.5, XE3000 4.4.4, X3000 4.4.5, MT3000 4.5.0, MT2500 4.5.0, AXT1800 4.5.0, AX1800 4.5.0, A1300 4.5.0, S200 4.1.4-0300,...

6.9AI score0.19291EPSS
Exploits3References2
Rows per page
Query Builder