Lucene search

469 matches found

RedhatCVE
added 2025/05/22 7:47 a.m., 8 views

CVE-2018-17006

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for firewall lanmanage mac2...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:47 a.m., 6 views

CVE-2018-17011

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for hostsinfo para sun...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:47 a.m., 5 views

CVE-2018-17009

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlanhost2g isolate...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:47 a.m., 10 views

CVE-2018-17015

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ddns phddns username...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:47 a.m., 6 views

CVE-2018-17007

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlanwds2g ssid...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:47 a.m., 8 views

CVE-2018-17018

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for timeswitch name...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:47 a.m., 7 views

CVE-2018-17014

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for ipmacbind name...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 6:6 a.m., 7 views

CVE-2012-3888

The login implementation in AirDroid 1.0.4 beta allows remote attackers to bypass a multiple-login protection mechanism by modifying a pass value within JSON data...

CVSS: 5, AI score: 7, EPSS: 0.01431
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 4:58 a.m., 6 views

CVE-2018-17010

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for wireless wlanhost2g bandwidth...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 3:13 a.m., 7 views

CVE-2018-17013

An issue was discovered on TP-Link TL-WR886N 6.0 2.3.4 and TL-WR886N 7.0 1.1.0 devices. Authenticated attackers can crash router services (e.g., inetd, HTTP, DNS, and UPnP) via long JSON data for protocol wan wanrate...

CVSS: 6.5, AI score: 7.1, EPSS: 0.0104
Exploits: 1, References: 1
RedhatCVE
added 2025/05/22 12:29 a.m., 8 views

CVE-2013-1646

Multiple cross-site scripting (XSS) vulnerabilities in Open-Xchange Server before 6.20.7 rev14, 6.22.0 before rev13, and 6.22.1 before rev14 allow remote attackers to inject arbitrary web script or HTML via (1) invalid JSON data in a mail-sending POST request, (2) an arbitrary parameter to...

CVSS: 4.3, AI score: 5.8, EPSS: 0.01383
Exploits: 5, References: 1
Tenable Nessus
added 2025/03/04 12:0 a.m., 10 views

Linux Distros Unpatched Vulnerability : CVE-2014-3188

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Google Chrome before 38.0.2125.101 and Chrome OS before 38.0.2125.101 do not properly handle the interaction of IPC and Google V8, which allows remote attackers...

CVSS: 10, AI score: 8.7, EPSS: 0.0595
Exploits: 0, References: 3
RedhatCVE
added 2025/02/22 12:24 a.m., 6 views

CVE-2024-37361

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid. (CWE-502) Hitachi Vantara Pentaho Business Analytics Server versions before 10.2.0.0 and 9.3.0.9, including 8.3.x, deserialize untrusted JSON data without constraining the parser to...

CVSS: 9.9, AI score: 6.9, EPSS: 0.00482
Exploits: 0, References: 1
Cvelist
added 2025/02/20 11:26 a.m., 27 views

CVE-2025-0868 Remote Code Execution in DocsGPT

A vulnerability that could result in Remote Code Execution (RCE) has been found in DocsGPT. Due to improper parsing of JSON data using eval, an unauthorized attacker could send arbitrary Python code to be executed via /api/remote endpoint. This issue affects DocsGPT: from 0.8.1 through 0.12.0...

CVSS: 9.3, EPSS: 0.15099
Exploits: 3, References: 3
NVD
added 2025/02/20 12:15 a.m., 4 views

CVE-2024-37361

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid. (CWE-502) Hitachi Vantara Pentaho Business Analytics Server versions before 10.2.0.0 and 9.3.0.9, including 8.3.x, deserialize untrusted JSON data without constraining the parser to...

CVSS: 9.9, EPSS: 0.00482
Exploits: 0, References: 1
Vulnrichment
added 2025/02/19 11:25 p.m., 3 views

CVE-2024-37361 Hitachi Vantara Pentaho Business Analytics Server - Deserialization of Untrusted Data

The application deserializes untrusted data without sufficiently verifying that the resulting data will be valid. (CWE-502) Hitachi Vantara Pentaho Business Analytics Server versions before 10.2.0.0 and 9.3.0.9, including 8.3.x, deserialize untrusted JSON data without constraining the parser to...

CVSS: 9.9, AI score: 9.6, EPSS: 0.00482
Exploits: 0, References: 1
RedhatCVE
added 2025/02/05 8:14 p.m., 8 views

CVE-2022-4815

Hitachi Vantara Pentaho Business Analytics Server versions before 9.4.0.1 and 9.3.0.3, including 8.3.x deserialize untrusted JSON data without constraining the parser to approved classes and methods...

CVSS: 8.8, AI score: 6.8, EPSS: 0.00628
Exploits: 0
RedhatCVE
added 2025/02/05 12:13 a.m., 13 views

CVE-2024-4287

In mintplex-labs/anything-llm, a vulnerability exists due to improper input validation in the workspace update process. Specifically, the application fails to validate or format JSON data sent in an HTTP POST request to /api/workspace/:workspace-slug/update, allowing it to be executed as part of ...

CVSS: 8.1, AI score: 7.9, EPSS: 0.0061
Exploits: 1
RedHat Linux
added 2025/01/20 9:11 p.m., 7 views

iperf: Denial of Service in iperf Due to Improper JSON Handling

A flaw was found in iperf. This vulnerability allows a Denial of Service (DoS) via the injection of malformed JSON data, which can result in a segmentation fault when a NULL pointer is passed to strdup...

CVSS: 7.5, AI score: 5.7, EPSS: 0.00908
Exploits: 1, References: 6
NVD
added 2025/01/17 7:15 a.m., 9 views

CVE-2024-12637

The Moving Users plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.05 via the export functionality. The JSON files are stored in predictable locations with guessable file names when exporting user data. This could allow unauthenticated...

CVSS: 5.3, EPSS: 0.00505
Exploits: 0, References: 3