CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The vulnerability of the /web_cste/cgi-bin/product.ini component of the Telnet service in TOTOLINK T8 microprogramming device allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the /webcste/cgi-bin/product.ini component of the Telnet service in TOTOLINK T8 microprogramming router software is related to the use of pre-installed user credentials. Exploiting this vulnerability could allow an attacker to compromise the confidentiality, integrity, and...

10CVSS7.7AI score0.0042EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2022/07/25 12:0 a.m.•3 views

PT-2022-8895 · Unknown · Conf-Cfg-Ini

Name of the Vulnerable Software and Affected Versions: conf-cfg-ini versions prior to 1.2.2 Description: The issue arises when an attacker submits a malicious INI file to an application that parses it with decode, resulting in prototype pollution on the application. This can be exploited further...

9.8CVSS9.3AI score0.00737EPSS

Exploits1References9

OSV•added 2022/07/22 11:4 a.m.•3 views

OESA-2022-1769 nodejs security update

Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js uses an event-driven, non-blocking I/O model that makes it lightweight and efficient, perfect for data-intensive real-time applications that run across distributed devices...

9.8CVSS6.7AI score0.01798EPSS

Exploits4References6

vulnersOsv•added 2021/04/13 3:23 p.m.•1 views

@ubleipzig/autoconfig (>=2.1.0 <=2.3.1), cardinalkeeper (>=0.0.2 <=0.0.5) +11 more potentially affected by CVE-2020-28460 via multi-ini (>=0.4.1 <=2.1.0)

multi-ini NPM version =0.4.1, =2.1.0, =0.0.2, =2.7.0, =1.0.0, =2.24.6-telemetry-test.19, =2.12.64-telemetry-test.19, =0.1.54-telemetry-test.19, =1.3.21-telemetry-test.19, =0.0.0, =0.0.1, =0.0.1, =0.0.1, =1.0.0, =1.0.7 Source cves: CVE-2020-28460 Source advisory: OSV:GHSA-67MQ-H2R9-RH2M...

8.1CVSS7.2AI score0.0053EPSS

Exploits1

CNNVD•added 2020/12/11 12:0 a.m.•3 views

npm Ini Resource Management Error Vulnerability

npm Ini is a Javascript-based code library for parsing and serializing Ini format files from the US-based npm Inc. A resource management error vulnerability exists in npm Ini 1.3.6, which allows an attacker to exploit the vulnerability by submitting a malicious INI file to an application that wil...

9.8CVSS6.8AI score0.00291EPSS

Exploits1References21

vulnersOsv•added 2020/12/08 1:2 p.m.•1 views

37fis (>=1.0.0 <=1.0.2), 3loc (>=0.2.0 <=0.4.0) +1853 more potentially affected by CVE-2020-7788 via ini (>=1.0.0 <=1.3.5)

ini NPM version =1.0.0, =1.0.0, =0.2.0, =1.0.1, =0.13.31, =0.0.17, =1.0.0, =1.0.0, =6.1.3, =1.0.99, =0.0.1-beta.2, =0.0.1-beta.2, =0.0.1-beta.2, =6.2.9, =11.1.0-next.2 and more Source cves: CVE-2020-7788 Source advisory: SNYK:JS-INI-1048974...

9.8CVSS6.7AI score0.00291EPSS

Exploits1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by