Lucene search
K

321 matches found

CVE
CVE
added 2025/11/13 12:0 a.m.15 views

CVE-2025-60673

CVE-2025-60673 describes an unauthenticated command-injection vulnerability in the D-Link DIR-878A1 router, firmware FW101B04.bin. The flaw exists in SetDMZSettings where the IPAddress parameter in prog.cgi is stored in NVRAM and later used by librcm.so to build iptables commands executed via tws...

6.5CVSS7.8AI score0.03565EPSS
Exploits1References4Affected Software1
CVE
CVE
added 2025/11/13 12:0 a.m.13 views

CVE-2025-60676

The CVE-2025-60676 entry concerns the D-Link DIR-878A1 router, firmware FW101B04.bin. Technical details across multiple connected sources confirm an unauthenticated command-injection in prog.cgi SetNetworkSettings, where IPAddress and SubnetMask are directly concatenated into shell commands execu...

6.5CVSS8AI score0.03531EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2025/11/13 12:0 a.m.8 views

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

0.03565EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2025/11/13 12:0 a.m.4 views

CVE-2025-60673

An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware FW101B04.bin. The vulnerability occurs in the 'SetDMZSettings' functionality, where the 'IPAddress' parameter in prog.cgi is stored in NVRAM and later used by librcm.so to construct iptables commands...

7.8AI score0.03565EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2025/11/13 12:0 a.m.6 views

Siemens SIMATIC S7-1500 Incorrect Calculation (CVE-2020-14422)

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...

5.9CVSS6.8AI score0.12826EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2025/11/05 12:0 a.m.2 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989444)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989444 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during...

7.8CVSS6AI score0.00277EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.8 views

EUVD-2019-4369

Malware in sbrugna...

8.8CVSS6.8AI score0.02913EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2021-16395

Malware in sbrugna...

9.8CVSS7.7AI score0.06827EPSS
Exploits1References25
Tenable Nessus
Tenable Nessus
added 2025/10/07 12:0 a.m.1 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-986634)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-986634 advisory. In the Linux kernel, the following vulnerability has been resolved: scsi: iscsitcp: Fix UAF during login when accessing the shost ipaddress If during...

7.8CVSS6AI score0.00277EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2022-39262

Malicious code in bioql PyPI...

9.8CVSS9.1AI score0.01488EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-4032

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ipaddress module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as globally reachable or private. This affect...

7.5CVSS6.5AI score0.01034EPSS
Exploits0References3
OSV
OSV
added 2025/08/11 1:52 p.m.4 views

BIT-LIBPYTHON-2024-4032 Incorrect IPv4 and IPv6 private ranges

The “ipaddress” module contained incorrect information about whether certain IPv4 and IPv6 addresses were designated as “globally reachable” or “private”. This affected the isprivate and isglobal properties of the ipaddress.IPv4Address, ipaddress.IPv4Network, ipaddress.IPv6Address, and...

7.5CVSS6.8AI score0.01034EPSS
Exploits0References15
OSV
OSV
added 2025/08/11 1:51 p.m.1 views

BIT-LIBPYTHON-2021-29921

In Python before 3,9,5, the ipaddress library mishandles leading zero characters in the octets of an IP address string. This in some situations allows attackers to bypass access control that is based on IP addresses...

9.8CVSS7.1AI score0.06827EPSS
Exploits1References18
OSV
OSV
added 2025/08/11 1:51 p.m.3 views

BIT-LIBPYTHON-2020-14422

Lib/ipaddress.py in Python through 3.8.3 improperly computes hash values in the IPv4Interface and IPv6Interface classes, which might allow a remote attacker to cause a denial of service if an application is affected by the performance of a dictionary containing IPv4Interface or IPv6Interface...

5.9CVSS6.8AI score0.12826EPSS
Exploits0References25
OSV
OSV
added 2025/08/01 10:21 a.m.5 views

SUSE-SU-2025:20539-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Update to 3.11.13: - Security - gh-135034: Fixes multiple issues that allowed tarfile extraction filters...

9.4CVSS5.7AI score0.01184EPSS
Exploits14References16
SUSE Linux
SUSE Linux
added 2025/07/11 4:3 p.m.7 views

Security update for python36

This update for python36 fixes the following issues: CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the...

8.4CVSS7.7AI score0.01184EPSS
Exploits14References32
OSV
OSV
added 2025/07/11 4:3 p.m.13 views

SUSE-SU-2025:02297-1 Security update for python36

This update for python36 fixes the following issues: - CVE-2024-12718: Fixed extraction filter bypass that allowed file metadata modification outside extraction directory bsc1244056 - CVE-2025-4138: Fixed issue that might allow symlink targets to point outside the destination directory, and the...

9.4CVSS7.5AI score0.01184EPSS
Exploits14References17
SUSE Linux
SUSE Linux
added 2025/07/11 10:21 a.m.5 views

Security update for python311

This update for python311 fixes the following issues: CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Update to 3.11.13: Security gh-135034: Fixes multiple issues that allowed tarfile extraction filters filter="data...

8.4CVSS9.7AI score0.06304EPSS
Exploits15References44
OSV
OSV
added 2025/07/11 9:47 a.m.9 views

SUSE-SU-2025:20492-1 Security update for python311

This update for python311 fixes the following issues: - CVE-2025-6069: Avoid worst case quadratic complexity when processing certain crafted malformed inputs with HTMLParser bsc1244705. Update to 3.11.13: - Security - gh-135034: Fixes multiple issues that allowed tarfile extraction filters...

9.8CVSS6.6AI score0.06304EPSS
Exploits15References23
SUSE Linux
SUSE Linux
added 2025/06/21 9:4 a.m.4 views

Security update for python311

This update for python311 fixes the following issues: python311 was updated from version 3.11.10 to 3.11.13: Security issues fixed: CVE-2025-4516: Fixed blocking DecodeError handling vulnerability, which could lead to DoS bsc1243273. CVE-2024-12718, CVE-2025-4138, CVE-2025-4330, CVE-2025-4517:...

8.4CVSS6.1AI score0.01184EPSS
Exploits14References22
Rows per page
Query Builder