34 matches found
CVE-2023-51739
This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user-supplied input for the Device Name parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...
Changing TCBServiSign Security Vulnerability
Changing TCBServiSign is a cross-platform security control component from Changing, China. A security vulnerability exists in Changing TCBServiSign versions prior to 1.0.24.0318, which stems from a specific API that does not correctly validate the length of server-side inputs, and allows an...
OpenJDK: JVM class file verifier flaw allows unverified bytecode execution (8314295)
Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. Successful attacks of this vulnerability can result in unauthorized creation, deletion or...
CVE-2023-51723
This vulnerability exists in Skyworth Router CM5100, version 4.1.1.24, due to insufficient validation of user-supplied input for the Description parameter at its web interface. A remote attacker could exploit this vulnerability by supplying specially crafted input to the parameter at the web...
PT-2024-14261 · Skyworth · Skyworth Router Cm5100
Name of the Vulnerable Software and Affected Versions: Skyworth Router CM5100 version 4.1.1.24. Description: This issue exists due to insufficient validation of user-supplied input for the Time Server 3 parameter at the web interface. A remote attacker could exploit this by supplying specially...
Schweitzer Engineering Laboratories Real Time Automation Controller Cross-Site Scripting Vulnerability
Schweitzer Engineering Laboratories Real Time Automation Controller (SEL RTAC) is a powerful and versatile automation platform from Schweitzer Engineering Laboratories. A security vulnerability exists in the Schweitzer Engineering Laboratories Real Time Automation Controller that originates from...
Cisco Small Business Command Injection Vulnerability
Cisco Small Business is a switch from Cisco USA. A security vulnerability exists in the Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, which stems from insufficient validation of inputs to the web-based management interface...
Cisco Small Business Cross-Site Scripting Vulnerability
Cisco Small Business is a switch from Cisco USA. A security vulnerability exists in the Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325, which stems from insufficient validation of inputs to the web-based management interface...
Cisco Small Business 220 Series Smart Switches Cross-Site Scripting Vulnerability
Cisco Small Business 220 Series Smart Switches is a small smart switch device from Cisco. A cross-site scripting vulnerability exists in the Cisco Small Business 220 Series Smart Switches, which originates from a vulnerability in the web management interface of the Cisco Small Business 220 Series...
CVE-2020-36178
oaliptaddBridgeIsolationRules on TP-Link TL-WR840N 6EU0.9.14.16 devices allows OS command injection because a raw string entered from the web interface (an IP address field) is used directly for a call to the system library function (for iptables). NOTE: oaliptaddBridgeIsolationRules is not the only...
PT-2020-5092 · Cisco · Cisco Firepower Management Center
Name of the Vulnerable Software and Affected Versions: Cisco Firepower Management Center (affected versions not specified). Description: The issue is related to insufficient validation of user-supplied input by the web-based management interface, allowing an authenticated, remote attacker to conduct...
PT-2020-2597
Name of the Vulnerable Software and Affected Versions: Java SE versions 7u251, 8u241, 11.0.6, and 14; Java SE Embedded version 8u241. Description: The issue is related to insufficient input validation in the Lightweight HTTP Server component of Oracle Java SE and Java SE Embedded. This can be exploit...
UBUNTU-CVE-2013-7106
Multiple stack-based buffer overflows in Icinga before 1.8.5, 1.9 before 1.9.4, and 1.10 before 1.10.2 allow remote authenticated users to cause a denial of service (crash) and possibly execute arbitrary code via a long string to the (1) displaynavtable, (2) pagelimitselector, (3) printexportlink, or (4)...
CVE-2012-1350
Cisco IOS 12.3 and 12.4 on Aironet access points allows remote attackers to cause a denial of service (radio-interface input-queue hang) via IAPP 0x3281 packets, aka Bug ID CSCtc12426...